vBulletin.com Hacked, Customer Data Stolen

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

bonmon,
User Rank: Apprentice
7/18/2016 | 7:26:03 AM

Re: If you didn't realize vbulletin is insecure, you weren't paying attention

As he sees no one is safe.

samicksha,
User Rank: Apprentice
11/19/2013 | 3:36:20 AM

Re: If you didn't realize vbulletin is insecure, you weren't paying attention

I read about vBulletin breach prompts password reset, I am suprised how come attackers managed using a zero-day flaw that is now being sold in several places online, I guess cross site scripting can be intervened into most forum site.

Ariella,
User Rank: Apprentice
11/18/2013 | 5:44:31 PM

Re: If you didn't realize vbulletin is insecure, you weren't paying attention

@jemison288 I know exactly what you mean. It's like having a car with a good warranty that frequently needs repairs that are covered. On the one hand, it's good that the dealer fixes everything, but, on the other hand, you'd really prefer to be spared the inconvenience of things breaking on it in the first place.

jemison288,
User Rank: Apprentice
11/18/2013 | 3:40:39 PM

Re: If you didn't realize vbulletin is insecure, you weren't paying attention

I don't know if I agree with that. It's like saying, "I know it breaks a lot, but they have great customer support!" Screw that, I'd rather have something that never breaks with crappy customer support--I won't need it. (Early days of AWS were basically like that).

kjhiggins,
User Rank: Strategist
11/18/2013 | 3:34:31 PM

Re: If you didn't realize vbulletin is insecure, you weren't paying attention

Not to downplay this breach, but your point about vBulletin patching almost weekly is actually relativley promising. Patching regularly is better than not patching at all.

jemison288,
User Rank: Apprentice
11/18/2013 | 2:56:00 PM

If you didn't realize vbulletin is insecure, you weren't paying attention

VBulletin sends out something like a patch a week due to security problems. Anyone still running vbulletin--after, say, 2008--is either asleep at the wheel or decided that the inevitability of being hacked through vbulletin was a reasonable risk.

Seriously--vbulletin, joomla, and a host of other popular PHP "applications" are so large and full of security holes that they're essentially impossible to secure. No one with a serious business should be using any of them.

Susan_Nunziata,
User Rank: Apprentice
11/18/2013 | 12:41:21 PM

Big-name brands

Considering the big-name brands that have built their forums using vBulletins, if I were any of those organizations I'd be pretty worried right now.

The question, of course, is what kind of data is stored in those forums. Pearl Jam (the band) sells tickets and merchandise through its website, but does that information touch the vBulletin forum porition of their site? What about Sony Pictures or EA?

According to the vBulletin site, NASA even uses its software for their forums.

I hope all the companies that use this service are monitoring closely and checking for exploits.

Whoopty,
User Rank: Ninja
11/18/2013 | 12:29:45 PM

Phew

I'm not as worried by this now as I would have been a few years ago. It's been a while since I used a forum regularly. Now it's more common threads like this and social networks.

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Black Hat USA - August 5-10 - Learn More

Black Hat Asia - May 9-12 - Learn More

More Informa Tech Live Events

White Papers

The Relationship Between Security Maturity and Business Enablement

Causes and Consequences of IT and OT Convergence

IT/OT Convergence Enables Security Operations Synergies

Cloud Journey Migration Stage: Adaptive Cloud Security

Cloud Incident Response Datasheet

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2023-1142
PUBLISHED: 2023-03-27

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.

CVE-2023-1143
PUBLISHED: 2023-03-27

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.

CVE-2023-1144
PUBLISHED: 2023-03-27

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.

CVE-2023-1145
PUBLISHED: 2023-03-27

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.

CVE-2023-1655
PUBLISHED: 2023-03-27

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]