Language Selection

English French German Italian Portuguese Spanish

Sourceforge Attack: Full Report

Filed under
Security
Web

As we’ve previously announced, SourceForge.net has been the target of a directed attack. We have completed the first round of analysis, and have a much more solid picture of what happened, the extent of the impact, our plan to reduce future risk of attack. We’re still working hard on fixing things, but we wanted to share what we know with the community.

We discovered the attack on Wednesday, and have been working hard to get things back in order since then. While several boxes were compromised we believe we caught things before the attack escalated beyond its first stages.

Our early assessment of which services and hosts were impacted, and the choice to disable CVS, ishell, file uploads, and project web updates appears to have prevented any further escalation of the attack or any data corruption activities.

rest here




More in Tux Machines

Open source near ubiquitous in IoT, report finds

Open source is increasingly standard operating procedure in software, but nowhere is this more true than Internet of Things development. According to a new VisionMobile survey of 3,700 IoT developers, 91% of respondents use open source software in at least one area of their software stack. This is good news for IoT because only open source promises to reduce or eliminate the potential for lock-in imposed by proprietary “standards.” What’s perhaps most interesting in this affection for open source, however, is that even as enterprise developers have eschewed the politics of open source licensing, IoT developers seem to favor open source because “it’s free as in freedom.” Read more

Ubuntu 16.04 – My Experience so Far and Customization

While I earnestly anticipated the release of Unity 8 with Xenial Xerus (after watching a couple of videos that showcased its function), I was utterly disappointed that Canonical was going to further push its release — even though it was originally meant to debut with Ubuntu 14.04. Back to the point at hand, I immediately went ahead and installed Unity Tweak Tool, moved my dash to the bottom (very important) and then proceeded to replace Nautilus with the extensive Nemo file manager which is native to Linux Mint and by far superior to the former (my opinion). Read more

Raspberry Pi gets a hybrid tube audio amp HAT

Pi 2 Design’s 503HTA Hybrid Tube Amp is a HAT add-on for 40-pin Raspberry Pi’s that taps a 24-bit, 192Khz DAC for that old-time tube amplifier sound. The Raspberry Pi has inspired a variety of retro technology hacks, from resurrecting ancient televisions to breathing new life into vintage gaming platforms. So it’s not surprising to see the SBC matched with the guts of an old-school tube amplifier system, as it is in Pi 2 Design’s 503HTA Hybrid Tube Amp. Read more

Snapdragon SoCs to get Neural Processing Engine SDK

Qualcomm announced a deep learning toolkit for implementing neural processing and other AI functions directly on devices that integrate Snapdragon 820 SoCs. The “Snapdragon Neural Processing Engine” is Qualcomm’s first deep learning software development kit for devices based on its Snapdragon 820 SoCs. The SDK, which is due for release in the second half of 2016, brings the company’s “Zeroth Machine Intelligence Platform” to Snapdragon 820 based devices. Read more