Language Selection

English French German Italian Portuguese Spanish

Sourceforge.net attack

Filed under
Web

Yesterday our vigilant operations guys detected a targeted attack against some of our developer infrastructure. The attack resulted in an exploit of several SourceForge.net servers, and we have proactively shut down a handful of developer centric services to safeguard data and protect the majority of our services.

Our immediate priorities are to prevent further exposure and ensure data integrity. We’ve had all hands on deck working on identifying the exploit vector or vectors, eliminating them, and are now focusing on verifying data integrity and restoring the impacted services.

rest here




More in Tux Machines

Linux Kernel 3.16.37 LTS Is a Massive Update with Tons of Networking Changes

Immediately after announcing the release of Linux kernel 3.2.82 LTS, maintainer Ben Hutchings proudly informed the community about the availability of the thirty-seventh maintenance update to the Linux 3.16 LTS kernel series. Read more

New CentOS Atomic Host Update Released with Linux Kernel 3.10, Docker 1.10.3-46

CentOS Project's Jason Brooks is back again with some awesome news for those interested in using the CentOS Atomic Host operating system designed for running Docker containers on top of the RHEL-based CentOS Linux 7 platform. Read more

today's leftovers

  • Refracta 8 Beta 2 Screenshot Tour
  • Please share the news! OpenMandriva Lx Project of the Week at SourceForge
    OpenMandriva Lx has been chosen by SourceForge to be among Projects of the Week August 22nd, 2016.
  • Ceph, Git, YaST, kernel update in Tumbleweed
    Four Tumbleweed snapshots were released since the last article and the snapshot of the week, 20160816, brought users a new version of gtk3 (3.20.8). Updated in the repositories for this snapshot was an updated version of yast2-auth-client (3.3.10). Cairo graphics fixed several bugs and Apache2 removed the omc xml config because the change log states it is “useless nowdays.” Snapshot 20160817 has several updates for the scalable storage platform ceph, which added an ability to reduce the constraints on resources required to build ceph and ceph-test packages. Git updated to version 2.9.3 and glib2 had several subpackages updated as did gnome-desktop. This snapshot caused quite a bit of chatter on the openSUSE Factory mailing list and serves as a reminder for people using openSUSE Tumbleweed to subscribed to the mailing list so they are aware of the updates.
  • Slackware Live Edition 1.1.3 based on Slackware -current 11 Aug 2016
    Last time I wrote about Slackware Live Edition was when I released the version 1.1.0 of the scripts. And that was two months ago; lots of updates have been made inbetween. Today I released version 1.1.3 of ‘liveslak’. I made a set of ISO images (during the last couple of days actually… it is time-consuming) for the Slackware Live Edition based on liveslak 1.1.3 and using Slackware-current dated “Thu Aug 11 18:24:29 UTC 2016“. These ISO images have been uploaded and are available on the primary server ‘bear‘.
  • Take that boredom
    While I was bored on Defcon, I took the smallest VPS in DO offering (512MB RAM, 20GB disk), configured nginx on it, bought domain zlatan.tech and cp'ed my blog data to blog.zlatan.tech. I thought it will just be out of boredom and tear it apart in a day or two but it is still there. Not only that, the droplet came with Debian 8.5 but I just added unstable and experimental to it and upgraded. Just to experiment and see what time will I need to break it. To make it even more adventurous (and also force me to not take it too much serious, at least at this point) I did something on what Lars would scream - I did not enable backups!
  • Mir 0.24 Released, Vulkan Still Not Supported
  • First Ever Smartphone Market Recession - Two Quarters of Market Decline Means Flat or Declining Annual Smartphone Sales for 2016 - Oh, and Q2 Market Data
    First off, the big news. We’ve hit the first Smartphone Market Recession. I just finished doing the Q2 market analysis (its the summer vacation and a slow time in tech, and the numbers are of course here, below) but yeah. We now do see the numbers clearly. Like in how they measure the GDP growth/decline as a measure of an economy being in a recession, we can now declare that officially, the smartphone market has hit its first-ever recession. For two quarters in a row, counting a 12 month moving average sales, the smartphone market has contracted. It hasn’t contracted by much (only 2%) but it is nonetheless the first time ever that this industry of less than 20 years of age has contracted. Even in previous global economic recessions, the smartphone market grew. Now it didn’t. So previously I was predicting a modest growth for the market from year 2015 to 2016, now I say there will be no growth, we’ll be lucky to have flat sales (about 1.44 Billion smartphones sold) and its likely we’ll be down a bit, like 1.41 Billion)

Leftovers: Software

  • MKVToolNix 9.4 Open-Source MKV Manipulation App Polishes Existing Functionality
    MKVToolNix creator Moritz Bunkus proudly announced the release of MKVToolNix 9.4.0, the latest stable and most advanced build of the open-source and free MKV (Matroska) manipulation software for GNU/Linux, Mac OS X, and Windows OSes. Dubbed Knurl, MKVToolNix 9.4.0 is not a major release, and there aren't many improvements added to its core components. Instead, this maintenance update tries to polish existing functionality and address a few of the issues reported by users since last month's MKVToolNix 9.3.1. Also, it comes with a warning for package maintainers who reported issues when compiling the app against libEBML 1.3.4 and libMatroska 1.4.5.
  • 4 Cloud-based Applications that Work Perfectly on Linux
    As far as cloud-based applications go, the market seems to be very competitive. With the recent OneDrive controversy, users are becoming much more conscious about how and where they invest their valuable data. Pricing changes or changes in business models have started to backfire against companies pretty quickly. In other words, cloud-based applications are no longer second-class citizens on the desktop. In fact, they have become a solid business model that big companies like Google, Microsoft, and Apple heavily rely on. Now that the cloud has become an end-user commodity rather than a product that was meant for data giants, companies are trying hard to increase the outreach of their cloud services to clients across all platforms. One such attempt is to bring more Linux users to the party by treating Linux-based desktops at the same level as their Windows and Mac counterparts. Many cloud-focused companies have already made available well-supported Linux clients for their services. This, in turn, has made Linux as a lucrative platform for people who dual boot or switch their computers a lot. That way, they can enjoy all their important files on Windows at work and Linux at home. It's a win-win situation for both parties. Today, we will be focusing on a few such cloud-based applications that work natively on Linux without any major glitches or bugs.
  • The Forecast Isn’t Looking Bright For GNOME Weather
    GNOME Weather is no longer able to display weather forecasts.
  • This App Lets You Set-Up And Configure Razer Keyboards on Linux