Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

vBulletin resets passwords after a targeted attack

vBulletin has suffered a severe attack last week that breached one of the Germany servers, in response it informed users that all passwords had been reset. vBulletin has suffered a severe attack last week, in response it informed users that all passwords had been reset. According to the vBulletin developer Paul Marsden one of the […]

vbulletin

vBulletin has suffered a severe attack last week that breached one of the Germany servers, in response it informed users that all passwords had been reset.

vBulletin has suffered a severe attack last week, in response it informed users that all passwords had been reset. According to the vBulletin developer Paul Marsden one of the Germany servers was breached by an unauthorized party.

“Due to the discovery yesterday of unauthorized access to of one of the VBG servers it is possible the hacker may have gained access to other vb systems as well. Therefore we have again taken the precaution of resetting all user password hashes. To be able to login to the site you will need to use the lost password functionality. 
http://www.vbulletin.org/forum/login.php?do=lostpw
We apologise for any inconvenience this may cause.” said Marsden.

The attackers have breached the Germany (VBG – “vbulletin-germany.com”) server, a circumstance that could have allowed them to access other systems of the organization, including “vBulletin.com” and “vBulletin.org.”

At the time I was writing there aren’t other details on the data breach, Marsden highlighted that hackers haven’t used any exploits, a claim supported by the fact that the hackers server doesn’t run any instance of the popular CMS.

Mardden believes attackers have carefully planned the attack:

“I can tell you it wasnt via any vB exploit – in fact, the VBG site doesnt run vbulletin. Someone clearly targetted the site, it was obvious they had planned this quite carefully.”said Marsden.

This isn’t the first time that the platform is targeted by hackers, in November 2015, the official forum was shut down after a hacker using the online moniker “Coldzer0” defaced it.

The website has been defaced and the forum was displaying the message “Hacked by Coldzer0.”

According to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that stole hundreds of thousands of users’ records.

The hacker published screenshots that show he managed to upload a shell to the forum website and accessed user personal information, including user IDs, names, email addresses, security questions and answers, and password salts).

vBulletin forum hacked 2

As usual, I strongly suggest users to change the passwords on any other website where they shared the same login credentials.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – data breach, hacking)