Newswe.org pop-ups are a social engineering attack that tries to trick users into registering for…
On Thursday, April 11 representatives of organization reported that cybercriminals got access to their servers. Intruders entered production databases that allowed them to steal unencrypted information from messages, password hashes and authorization tokens.
After an attack, Matrix.org could not restore its work for several hours and had to rise its infrastructure from the beginning. Incident touched sites, databases, media-repositories etc, however, Modular.im servers, initial codes and packets were not hurt.
Cyberattack was possible due to vulnerability in the outdated version of Jerkins server. With the help of CVE-2019-1003000, CVE-2019-1003001 and CVE-2019-1003002 cybercriminals stolen inner SSH-keys and with their help got access to infrastructure.
Jaikey Sarraff, safety researcher, informed Matrix.org about vulnerabilities on April 9. Next day organization’s engineers located them and established full scale of the attack. On April 10, Jenkins server that became a source of a problem was removed and criminals lost access to data base.
In 24 hours Matrix.org turned on its main server and started rebuilding its infrastructure. All Matrix.org users were “kicked off” their accounts and organization asked them to change passwords.
Source: matrix.org/blog
News-bfopeci.info is a domain that tries to force you into subscribing to its browser notifications…
News-bfugaho.info is a site that tries to force you into clik to its browser notifications…
News-bganise.info is a domain that tries to trick you into clik to its browser notifications…
News-xhijupa.com is a domain that tries to trick you into subscribing to its browser notifications…
News-xnicini.cc is a domain that tries to trick you into subscribing to its browser notifications…
News-xpafema.cc is a site that tries to trick you into subscribing to its browser notifications…
View Comments