Miscreants took advantage of weak security to hack into two NASA-run websites
over the weekend.
The websites of NASA’s Instrument Systems and Technology unit and Software
Engineering division were broken into and screenshots illustrating the hack
posted online. Hackers appear to have taken advantage of SQL Injection flaws and
poor access controls in mounting the attack, reports Gunter Ollmann, an ex-IBM
security expert who is now VP of Research at security firm Damballa.