Providing Free and Editor Tested Software Downloads

MajorGeeks.com - I see geeky people.

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. GS Auto Clicker

2. Macrium Reflect FREE Edition

3. Smart Defrag

4. Visual C++ Redistributable Runtimes AIO Repack

5. Visual C++ Runtime Installer (All-In-One)

6. McAfee Removal Tool (MCPR)

9. K-Lite Mega Codec Pack

10. Sergei Strelec's WinPE

How to Disable 1-Click Ordering on Amazon (and Avoid Surprise Charges)

How to Fix Shallow Paint Layer Depth in Bambu Studio

Aviator Betting Game Secrets: Unlock 97% RTP & Triple Your Wins

Windows Recall: What It Is, Why Hackers Will Love It, and How to Stay Safe

Star Trek Fleet Command Promo Codes: Redeem Codes for Free Shards, Blueprints And Resources

How To Use VLC Media Player to Trim Video Clips

What Is the $WinREAgent Folder and Can I Delete It?

Swear Your Way to Better Search Results

How to Get a Dark Start Menu and Taskbar in Windows 10 & 11

Enable, Disable, Manage, Delete or Create a System Restore Point

vBulletin Breached; User Data Compromised

Posted by: Timothy Weaver on 11/07/2015 10:10 AM [ Comments ]

vBulletin was breached and it made 480,000 subscribers vulnerable. To mitigate the attack, vBulletin reset the passwords for all subscribers.

A security patch was released Monday night, but ars technica suggested that from available evidence the site "contained a zero-day vulnerability that allowed hackers in the wild to gain almost complete control over websites that used the forum app."

Wayne Luke, technical support lead at vBulletin, denied it being a zero day attack and instead suggested that the attack was: "These hackers were able to compromise an insecure system that was used for testing vBulletin mobile applications."

However, Tod Beardsley, principal security research manager at Rapid7, said in a statement issued on Wednesday, that it looks like the attack on vBulletin was due to a SQL injection bug in its forum software.

Beardsley went on to say that organizations that rely on vBulletin should apply the security patch immediately. "vBulletin is a popular target, since compromising a forum site can provide an effective platform for a watering hole attack. An unpatched bug in the platform can expose downstream users to serious risk."

Source: SCMagazine

Comments

comments powered by Disqus

© 2000-2025 MajorGeeks.com

Powered by Contentteller® Business Edition