LINUX.ORG.RU
ФорумTalks

В сети происходит масштабная атака на vbulleten

 ,


1

2

Получил уже два письма за неделю о взломах форумов известных компаний: первое было от Notebook Review от 11 сентября:

Dear NotebookReview Forums User:

We've discovered a security breach in the NotebookReview Forums. We are strongly encouraging you to change your passwords on the NotebookReview Forum and on any other systems where you use the same username and passwords.

vBulletin, the forum software we use, has confirmed that the software contains a security hole, and we've followed their directions and corrected the issue.

We've thoroughly reviewed our logs and identified that hash-encrypted stores of user names and passwords may have been accessible to the criminal hackers responsible for the breach. There is the potential that a skilled hacker could decrypt that information, so we are informing our entire user base and urge that you change your password immediately.

We are investigating the breach and intend on pursuing legal action against the violators when they are identified. TechTarget and NotebookReview take the security of your information very seriously and apologize for any inconvenience.

We have an actively monitored thread here where you can ask questions, express concerns and keep us aware of any pertinent information. Please reply on that thread or contact me via direct message at CLeonard should you have any specific/private concerns.

Chris Leonard Director of Community TechTarget, Inc./NotebookReview

Второе пришло только что от Zimbra:

Dear Friend,

You are receiving this email because you are subscribed to Zimbra forums notifications.

The forums on http://www.zimbra.com were recently the target of an attack in which the main forum page was defaced and some personal data was potentially compromised. The personal data that may have been compromised is relegated to the following: email addresses registered to the forums, demographic data shared and real names given during the registration process, and passwords. The attack was limited solely to the forums; no billing data, credit card numbers, or any other personal data was compromised at any time.

This attack was due to a vulnerability found in third-party software used by Zimbra to run the forums on http://www.zimbra.com. As soon as the attack was detected, we took steps to block access to the attackers and placed the forums in a maintenance mode to prevent further risk while we investigated and saved forensic data. Steps have now been taken to update the software to address the vulnerability that was exploited and to prevent future such incidents. Zimbra security is also investigating the incident further to determine if legal action is necessary.

As a result of the exploit, some accounts may have been compromised and encrypted passwords received, posted, or changed by the attackers. We have reset all passwords, and everyone with a forum account on http://www.zimbra.com will be required to go through the email verification process to reset their passwords and regain access to their accounts.

We do apologize for the inconvenience. If there are any further questions, please contact us at forums@zimbra.com.

Sincerely,

Zimbra Team

Т.к. я отказался от поддержки любого php-движка на своих серверах, не знаю что и посоветовать держателем сего чуда. А пользователям можно самоудалиться или изменить пароль.

Ответ на: комментарий от gh0stwizard

Бери глубже, давайте выкладывать в социальных сетях пароли в открытом виде. Чтобы человечество не тратило времени на расшифровку паролей.

true_admin ★★★★★ ()

перед этим была(или идет до сих пор) массовая атака на вордпресс

от хостера уведомляли

fcx ★★★ ()
Ответ на: комментарий от Frakhtan-teh

жене сказал, чтоб двухфакторную авторизацию по смс на вход в админку включила

а то мало ли

fcx ★★★ ()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.