Language Selection

English French German Italian Portuguese Spanish

WineHQ database compromise

Filed under
Software
Security
Web

I am sad to say that there was a compromise of the WineHQ database system.

What we know at this point that someone was able to obtain unauthorized access to the phpmyadmin utility. We do not exactly how they obtained access; it was either by compromising an admins credentials, or by exploiting an unpatched vulnerability in phpmyadmin.

We had reluctantly provided access to phpmyadmin to the appdb developers (it is a very handy tool, and something they very much wanted). But it is a prime target for hackers, and apparently our best efforts at obscuring it and patching it were not sufficient.

So we have removed all access to phpmyadmin from the outside world.

We do not believe the attackers obtained any other form of access to the system.

Rest here




More in Tux Machines

Meet the Ubuntu Powered Augmented Reality Helmet

An Ubuntu powered augmented reality (AR) helmet will be on show at Mobile World Congress, 2017. Read more

More Security News

An AI Hedge Fund Created a New Currency to Make Wall Street Work Like Open Source

Singapore IT bosses turn to open source

In order to successfully compete in the age of the customer and continue to deliver world-class operational capabilities, senior IT decision makers from Singapore plan to focus on three IT and business priorities in the next 12 months. These include reducing cost and improving operational efficiency (78%); improving their organization’s ability to innovate (46%); and improving customer experience (46%). These three priorities have been reflected in respondents’ strategic IT initiatives in the next 12 months to transform both internal and customer facing technologies. Three-fourths (76%) identified integration of back-end systems-of-record with customer-facing mobile and web systems-of-engagement as a high or critical priority. More than half (56%) identified modernization of key legacy applications as a high or critical priority. Read more