Linux Lite Forums
General => Security & Bug Fixes => Topic started by: Scott on February 21, 2016, 09:20:44 AM
-
No need for panic but this is definitely newsworthy. ~Scott
http://blog.linuxmint.com/?p=2994 (http://blog.linuxmint.com/?p=2994)
Update
Looks like the Mint forums were compromised as well.
http://blog.linuxmint.com/?p=3001
-
If users bothered to md5sum check their downloaded isos against a good posted number.
Then they will know they have a bad iso.
-
Wordpress is a joke, worst CMS in the history on the interwebz.
I pentested a Wordpress site for a client the other day, a start up company in NZ. The results would shock you. I wish they'd come to me before going live. They asked me what they should do. My answer was blunt and unapologetic, "dump Wordpress, hand-code everything in php, html and css."
-
Update
Looks like the Mint forums were compromised as well.
http://blog.linuxmint.com/?p=3001 (http://blog.linuxmint.com/?p=3001)
-
Three weeks ago I couldn't download the *.torrent file from their site (for Cinnamon or MATE editions), and that's the route the news article seems to suggest is safer at the moment.
The "good news" in this is that a Linux distro is seen as so popular that it's worth hacker attention.
-
https://youtu.be/KMRwaQNs45k?t=32m45s (https://youtu.be/KMRwaQNs45k?t=32m45s)
I listen to JB sometimes and came across this thought I would share however it seems it's already been posted so here is a vlog about some info and commentary about this.
Enjoy
-
An update that might be important for anyone who has/had an Linux Mint Forums account:
The Linux Mint forum database was sold on January 16, a full month before users were made aware of a breach.
http://news.softpedia.com/news/linux-mint-forum-database-compromised-for-at-least-a-month-before-announcement-500901.shtml (http://news.softpedia.com/news/linux-mint-forum-database-compromised-for-at-least-a-month-before-announcement-500901.shtml)
-
Evidently ZDNet interviewed the hacker, and he claims he hacked the site twice the first time on January 28 and the second time on February 18.
Article at the following link.
http://www.zdnet.com/article/hacker-hundreds-were-tricked-into-installing-linux-mint-backdoor/
-
How did that Zack Whittaker guy ended up with that hacker? If the hacker was a "lone wolf" nobody heard of or knew about, how did Zack Whittaker ended up with him? Unless he knows the hacker and knew he was doing... I don't believe that any hacker will call up some newspaper or magazine saying: he guys! i've hacked the Mint site and the forum! you know what, i vene hacked some other sites! wanna do an interview with me??