It is currently 15-12-2017 13:14

As a result of the hacking forum Ubuntu of the stolen personal data of more than 2 million users

As a result of the hacking forum Ubuntu of the stolen personal data of more than 2 million users

by seo_worker » 2016-07-20 07:52:24



Attackers proekspluatirovat known vulnerability in the Supplement Forum Runner that allows to perform SQL-injection.
Canonical has published a warning about the hacking of the official forum of Ubuntu. In the attack were stolen IP addresses, usernames and e-mail addresses of more than 2 million users of the resource. About incident it became known on 14 July this year after one of the users informed about the availability of copies of the database forum.
As shown by the investigation, the attackers proekspluatirovat known vulnerability in addition to used Forum Runner on vBulletin forum engine. This issue could allow execution of arbitrary SQL injection. Currently, the vulnerability has now been fixed.
According to the notification, the attackers are unable to access the Ubuntu repositories, the update mechanism and the actual user passwords. As suggested by the administrator, attackers also failed to obtain shell access to the servers. The data in the database modification was not carried out. Other services Canonical and Ubuntu were not compromised.
In order to prevent data leaks in the future, Canonical has set the module ModSecurity and organized tracking the timely installation of updates for a component of vBulletin.
seo_worker
moderators
Сообщений: 789
Депозит: 0.005 BTC

Rating: 2