Language Selection

English French German Italian Portuguese Spanish

Sourceforge Attack: Full Report

Filed under
Security
Web

As we’ve previously announced, SourceForge.net has been the target of a directed attack. We have completed the first round of analysis, and have a much more solid picture of what happened, the extent of the impact, our plan to reduce future risk of attack. We’re still working hard on fixing things, but we wanted to share what we know with the community.

We discovered the attack on Wednesday, and have been working hard to get things back in order since then. While several boxes were compromised we believe we caught things before the attack escalated beyond its first stages.

Our early assessment of which services and hosts were impacted, and the choice to disable CVS, ishell, file uploads, and project web updates appears to have prevented any further escalation of the attack or any data corruption activities.

rest here




More in Tux Machines

Sean Michael Kerner on OpenStack

Xubuntu 15.04 Vivid Vervet - Fabulous

I have to say, Xubuntu 15.04 Vivid Vervet shattered my expectations. Obliterated them. Overall, I was expecting a distro that would be about as good as its parent. Instead, I got this fine piece of digital machinery, which purrs and meows and growls like a turbo-charged tiger, if this silly metaphor makes any sense. Or is it an analogy? Now, one tiny software glitch, plus one big regression that affects the entire family. That's the sum of my complains. On the plus side, Xubuntu fully supports the hardware, including the tricky UEFI stuff, it's fast, robust, elegant, rich in software and features, simple and fun to use, and it works well with anything I've thrown at it. By far the best distro of this year. I don't give out 10/10 lightly, but I'm inclined to do that right now, even though the few tiny problems we've had prevent me from doing that. However, the whole package reminds me of Fuduntu, really. Pure and simple and just good. 9.99999/10. Try it, you won't be disappointed. We're done here. Read more

Akanda Pledges to Keep SDN Tech for OpenStack Open-Source

Rosendahl emphasized that Akanda was born as open-source software and will remain open-source. From a commercial perspective what Akanda provides to enterprises is support and professional services. Read more

A New Firefox OS phone

Last Monday, I bought the phone anyway. I must say that I am very pleased by its performance and very cheap price. One can swap the SIM card to use the phone with another carrier here, too. Read more