News for Admins

Tech News

Stack Overflow Compromised

According to The Hacker News, a hacker gained unauthorized access to the production version of Stack Overflow (https://thehackernews.com/2019/05/stack-overflow-databreach.html).

The attack initially exploited a bug in the development version of Stack Overflow and then escalated privileges to gain access to the product version.

The company also admitted that the intruders may have managed to access information on users. "While our overall user database was not compromised, we have identified privileged web requests that the attacker made that could have returned IP address[es], names, or emails for a very small number of Stack Exchange users. Our team is currently reviewing these logs and will be providing appropriate notifications to any users who are impacted," said Mary Ferguson, VP of Engineering at Stack Overflow.

The company has taken some steps to mitigate further damage. They are terminating the unauthorized access to the system and also patching the bug that allowed the unauthorized access and escalation.

Docker Hub Breached

Criminals managed to breach Docker Hub and gained access to the company database. The company admitted that during the breach, sensitive data from approximately 190,000 accounts may have been exposed. Compromised data includes usernames and hashed passwords for a small percentage of these users, as well as GitHub and Bitbucket tokens for Docker autobuilds.

The company sent a notice to users, "On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data. Upon discovery, we acted quickly to intervene and secure the site."

The company is asking users to reset

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES

Print Issues

Digital Issues

 

SUBSCRIPTIONS

Print Subs

Digisubs

 

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia