Language Selection

English French German Italian Portuguese Spanish

Sourceforge Attack: Full Report

Filed under
Security
Web

As we’ve previously announced, SourceForge.net has been the target of a directed attack. We have completed the first round of analysis, and have a much more solid picture of what happened, the extent of the impact, our plan to reduce future risk of attack. We’re still working hard on fixing things, but we wanted to share what we know with the community.

We discovered the attack on Wednesday, and have been working hard to get things back in order since then. While several boxes were compromised we believe we caught things before the attack escalated beyond its first stages.

Our early assessment of which services and hosts were impacted, and the choice to disable CVS, ishell, file uploads, and project web updates appears to have prevented any further escalation of the attack or any data corruption activities.

rest here




More in Tux Machines

10 Great Plasma Widgets for KDE with Screenshots

Since the introduction of Plasma widgets in KDE4, the whole desktop took a new direction, starting to become a more interactive way to communicate with the user, to say nothing about the fact that a desktop with widgets will look more beautiful than a plain, icon-only desktop. Read more

OPNFV Adds Chinese Telecom to Open Source NFV/SDN Partnership

The Linux Foundation's OPNFV project won a significant endorsement this week from China-based ZTE Corporation, which stands to increase the global reach of the open source network functions virtualization (NFV) and software-defined networking (SDN) initiative. Based in Shenzen, China, ZTE is a major manufacturer of telecom... Read more

Elive 2.4.5 beta released

The Elive Team is proud to announce the release of the beta version 2.4.5 Read more

Red Hat Pushes Forward with CentOS [VIDEO]

At the beginning of 2014, Red Hat embraced the community CentOS Linux distribution. It's a move that brought the clone of Red Hat Enterprise Linux (RHEL) closer into the Red Hat organization. In a video interview, Paul Cormier, EVP and President at Red Hat, details how the CentOS relationship has worked out over the course of 2014. Read more