
sony - rsa - hbgary - lulzsec - anonymous ... whitehats/blackhats


drupal.org & co.


Dear community member,


We respect the privacy of your information, which is why, as a precautionary measure, we are writing to let you know about an incident that involves your personal information. The Drupal.org Security and Infrastructure Teams have discovered unauthorized access to account information on Drupal.org and groups.drupal.org. Information exposed includes usernames, email addresses, and country information, as well as hashed passwords. However, we are still investigating the incident and may learn about other types of information compromised, in which case we will notify you accordingly.


This unauthorized access was made via third-party software installed on the Drupal.org server infrastructure, and was not the result of a vulnerability within the Drupal software itself. This notice applies specifically to user account data stored on Drupal.org and groups.drupal.org, and not to sites running Drupal generally.


We have implemented additional security measures designed to prevent the recurrence of such an attack, and to protect the privacy of our community members.


The next time you attempt to log into your account, you will be required to create a new password.


Below are steps you can take to further protect your personal information online. We encourage you to take preventative measures now to help prevent and detect the misuse of your information.


First, we recommend as a precaution that you change or reset passwords on other sites where you may use similar passwords, even though all passwords on Drupal.org are stored salted and hashed. All Drupal.org passwords are both hashed and salted, although some older passwords on groups.drupal.org were not salted. To make your password stronger:


* Do not use passwords that are simple words or phrases

* Never use the same password on multiple sites or services

* Use different types of characters in your password (uppercase letters, lowercase letters, numbers, and symbols).


Second, be cautious if you receive emails asking for your personal information and be on the lookout for unwanted spam. It is not our practice to request personal information by email. Also, beware of emails that threaten to close your account if you do not take the "immediate action" of providing personal information.


For more information, please review the security announcement and FAQ at https://drupal.org/news/130529SecurityUpdate. If you find any reason to believe that your information has been accessed by someone other than yourself, please contact the Drupal Association immediately, by sending an email to password@association.drupal.org.


We regret that this incident has occurred and want to assure you we are working hard to improve security.


Thank you,

Holly Ross

Drupal Association Executive Director




Dear Client


At the end of last week, Hetzner technicians discovered a "backdoor" in one of our internal monitoring systems (Nagios).

An investigation was launched immediately and showed that the administration interface for dedicated root servers (Robot) had also been affected. Current findings would suggest that fragments of our client database had been copied externally.

As a result, we currently have to consider the client data stored in our Robot as compromised.

To our knowledge, the malicious program that we have discovered is as yet unknown and has never appeared before.

The malicious code used in the "backdoor" exclusively infects the RAM. First analysis suggests that the malicious code directly infiltrates running Apache and sshd processes. Here, the infection neither modifies the binaries of the service which has been compromised, nor does it restart the service which has been affected.

The standard techniques used for analysis such as the examination of checksum or tools such as "rkhunter" are therefore not able to track down the malicious code.

We have commissioned an external security company with a detailed analysis of the incident to support our in-house administrators. At this stage, analysis of the incident has not yet been completed.

The access passwords for your Robot client account are stored in our database as Hash (SHA256) with salt. As a precaution, we recommend that you change your client passwords in the Robot.

With credit cards, only the last three digits of the card number, the card type and the expiry date are saved in our systems. All other card data is saved solely by our payment service provider and referenced via a pseudo card number. Therefore, as far as we are aware, credit card data has not been compromised.

Hetzner technicians are permanently working on localising and preventing possible security vulnerabilities as well as ensuring that our systems and infrastructure are kept as safe as possible. Data security is a very high priority for us. To expedite clarification further, we have reported this incident to the data security authority concerned.

Furthermore, we are in contact with the Federal Criminal Police Office (BKA) in regard to this incident.

Naturally, we shall inform you of new developments immediately.

We very much regret this incident and thank you for your understanding and trust in us.

A special FAQs page has been set up at Security Issue/en to assist you with further enquiries.

Kind regards

Martin Hetzner
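
An added example, not part of the notice above and not Hetzner's tooling: the notice says the code lives only in the memory of running Apache and sshd processes, so on-disk checksums stay clean. One defender-side heuristic is to read a process's `/proc/<pid>/maps` and flag executable regions that no file on disk accounts for. The sample map is constructed, the three flagging rules are assumptions about what deserves triage, and JIT runtimes legitimately produce such mappings too.

```python
import os
import re

# /proc/<pid>/maps line: range, perms, offset, dev, inode, optional path
MAPS_RE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([rwxsp-]{4})\s+[0-9a-f]+\s+\S+\s+(\d+)\s*(.*)$")
# Kernel-provided executable regions expected in every process
KERNEL_REGIONS = {"[vdso]", "[vsyscall]", "[uprobes]"}

def suspicious_mappings(maps_text):
    """Return (range, perms, path, reason) for executable mappings
    that a checksum of the on-disk binaries would never cover."""
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_RE.match(line.strip())
        if not m:
            continue
        start, end, perms, inode, path = m.groups()
        if "x" not in perms or path in KERNEL_REGIONS:
            continue
        if path.endswith(" (deleted)"):
            reason = "executable mapping of a deleted file"
        elif inode == "0":
            reason = "executable memory with no backing file"
        elif "w" in perms:
            reason = "file-backed mapping that is writable and executable"
        else:
            continue  # ordinary read/execute mapping of a file on disk
        findings.append((f"{start}-{end}", perms, path, reason))
    return findings

def scan_live(names=("sshd", "apache2", "httpd")):
    """Apply the check to running processes by name (Linux, run as root)."""
    results = {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            with open(f"/proc/{pid}/comm") as f:
                if f.read().strip() not in names:
                    continue
            with open(f"/proc/{pid}/maps") as f:
                results[int(pid)] = suspicious_mappings(f.read())
        except OSError:
            continue  # process exited or access was denied
    return results

# Constructed sample map for an sshd process (not taken from any real host)
SAMPLE_MAPS = """\
55d0c3a0c000-55d0c3a8f000 r-xp 0000c000 08:01 131234 /usr/sbin/sshd
55d0c4b21000-55d0c4b63000 rw-p 00000000 00:00 0 [heap]
7f3a10000000-7f3a10021000 rwxp 00000000 00:00 0
7f3a1c400000-7f3a1c5b0000 r-xp 00028000 08:01 132001 /usr/lib/libc.so.6
7f3a1c800000-7f3a1c812000 r-xp 00000000 08:01 140777 /tmp/example.so (deleted)
7ffd5a3f1000-7ffd5a3f3000 r-xp 00000000 00:00 0 [vdso]
"""
```

A hit is a lead for memory forensics on that process, not a verdict; a clean result does not rule out code hidden inside an existing file-backed region.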

Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people’s contact information as part of their account on Facebook. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection. This contact information was provided by other people on Facebook and was not necessarily accurate, but was inadvertently included with the contacts of the person using the DYI tool.



I have already received the email:


Dear Marco,

Your privacy is incredibly important to everyone who works at Facebook, and we're dedicated to protecting your information. While many of us focus our full-time jobs on preventing or fixing issues before they affect anyone, we recently fell short of our goal and a technical bug caused your telephone number or email address to be accessible by another person.

The bug was limited in scope and likely only allowed someone you already know outside of Facebook to see your email address or telephone number. That said, we let you down and we are taking this error very seriously.

Describing what caused the bug can get pretty technical, but we want to explain how it happened. When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations. Because of the bug, the email addresses and phone numbers used to make friend recommendations and reduce the number of invitations we send were inadvertently stored in their account on Facebook, along with their uploaded contacts. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, which included their uploaded contacts, they may have been provided with additional email addresses or telephone numbers.

Here is your contact Information (inadvertently accessible by at most 1 Facebook user):



We estimate that 1 Facebook user saw this additional contact info displayed next to your name in their downloaded copy of their account information. No other info about you was shown and it's likely that anyone who saw this is not a stranger to you, even if you're not friends on Facebook.

We recognize that mistakenly sharing contact info is unacceptable, even if you are acquainted with people who saw these details, and we've taken measures to prevent this from happening again. For more information on the bug, please read our blog post.

All of us at Facebook take this issue very personally. We appreciate your ongoing use of Facebook, and are working every day to deliver the level of service you expect and deserve.

Thank you,

The Facebook Team


and 2 days ago I received 3 password reset requests that I never made...




A few days ago, we discovered that the internal security of our offices in Roubaix had been compromised. After internal investigations we found that a hacker was able to gain access to an email account of one of our system administrators. With this email access, they were able to gain access to the internal VPN of another employee. Then with this VPN access, they were able to compromise the access of one of the system admins who deals with the internal backoffice.

OVH Tasks
