Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 25 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

vBulletin denies its hacking was due to zero-day vulnerability

by The Gurus
November 22, 2013
in Editor's News
Share on FacebookShare on Twitter

The forum of vBulletin was illegally accessed last week, but the website has denied that attackers exploited an unpatched zero-day vulnerability to achieve the hack.

According to a new comment by vBulletin’s techical support lead Wayne Luke, he said that evidence from attackers Inject0r team has led it to believe that it was not down to a zero-day vulnerability in vBulletin. “These hackers were able to compromise an insecure system that was used for testing vBulletin mobile applications. The best defense against potential compromises is to keep your system running on the very latest patch release of the software,” he said.
Despite this, Inject0r Team put the alleged exploit in VBulletin’s server software up for sale for $700. The network attack saw Inject0r Team steal the user identities of customers and encrypted passwords.
It said in a statement that its security team discovered sophisticated attacks on its network and it took the precaution of resetting passwords. “We apologise for any inconvenience this has caused but felt that it was necessary to help protect you and your account,” it said.
Security blogger Graham Cluley, told IT Security Guru that as vBulletin is used by so many sites, but many people would ask how good at security they are themselves. “Of course, there’s great embarrassment for VBulletin in regard to this security breach. If the organisation that ‘makes’ the software can’t keep its own installations secure, what hope do other sites have?”
“Clearly there’s still some uncertainty about what exactly took place, but some online forums aren’t taking any chances and are closing their message boards until they feel confident things are safe again.”
FacebookTweetLinkedIn
ShareTweet
Previous Post

Yahoo announces plans to encrypt all traffic

Next Post

Fake profiles bother LinkedIn

Recent News

The Journey to Secure Access Service Edge (SASE)

The Journey to Secure Access Service Edge (SASE)

September 22, 2023
WatchGuard

WatchGuard acquires CyGlass for AI-powered network anomaly detection

September 21, 2023
'open' sign on window ledge

SME Cyber Security – Time for a New Approach?

September 21, 2023
Keeper Security Logo

Keeper Security Named a Market Leader in Privileged Access Management (PAM) by Enterprise Management Associates

September 21, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information