spinynorman Posted April 13, 2010 Report Share Posted April 13, 2010 Hackers penetrated the heavily-fortified servers for Apache.org in a "direct, targeted attack" that captured the passwords of anyone who used the website's bug-tracking service over a three-day span last week. The breach, the second to hit Apache.org in eight months, also exposed a much larger list of passwords belonging to people who accessed the site's bug-tracking section. While the databases used a one-way hash to disguise the passwords, two of the lists are vulnerable to dictionary attacks because Atlassian, the maker of issue-tracking software used by Apache, failed to add "random salt" to them. More at The Register. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.