430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Data Breach – Hackers violated a server at Linux Australia

The organization Linux Australia revealed that one of its servers was hacked. The personal data of conference attendees might have been exposed. Linux Australia revealed a data breach occurred on March 22, according to the organization attackers may have accessed personal details of conference attendees. Linux Australia is an organization that represents nearly 5,000 Australian users […]

Data Breach – Hackers violated a server at Linux Australia

The organization Linux Australia revealed that one of its servers was hacked. The personal data of conference attendees might have been exposed.

Linux Australia revealed a data breach occurred on March 22, according to the organization attackers may have accessed personal details of conference attendees.

Linux Australia is an organization that represents nearly 5,000 Australian users and developers of free and open source software. The experts discovered the data breach a couple of days later, on March 24, following the investigation on a number of error reporting emails sent by a Conference Management (Zookeepr) hosting server.

According to the investigators, the hackers have exploited an unknown vulnerability to trigger a remote buffer overflow and obtain full control of the server hosting the information.

The server compromised by attackers hosts data related previous editions of the PyCon Australia and linux.conf.au conferences organized by the Linux Australia.

“It is the assessment of Linux Australia that the individual utilised a currently unknown vulnerability to trigger a remote buffer overflow and gain root level access to the server. A remote access tool was installed, and the server was rebooted to load this software into memory. A botnet command and control was subsequently installed and started. During the period the individual had access to the Zookeepr server, a number of Linux Australia’s automated backup processes ran, which included the dumping of conference databases to disk.” wrote Joshua Hesketh, president of Linux Australia.

The president of Linux Australia highlighted that there is no clear evidence that the hackers have stolen personal information, the records available in the archive of the organization include name, physical addresses, email addresses, phone numbers, and hashed passwords.

linux australia 2

The organization clarified that no financial information was exposed in the data breach because the Linux Australia uses a third party payment system.

“The payment processing process on the Zookeepr system was specifically designed to send minimal information to the payment gateway, and as a result only receive back a payment success or failure code. All other payment details are handled by the payment provider’s systems. Therefore, credit card information was not disclosed,” Hesketh noted.

The experts suspect that the attackers were interested in the personal information of attendees to conduct further targeted attacks.

Linux Australia has immediately started its incident response procedures and announced improvements to its architecture.

The compromised server hosted data related to the 2013, 2014 and 2015 editions of the conferences, for this reason Linux Australia urges PyCon and linux.conf.au attendees to change their passwords, especially if the users share the same credentials with multiple web services.

Pierluigi Paganini

(Security Affairs –  Linux Australia,  data breach)