[Forum] Security Compromised
Posted: Tue Nov 20, 2012 4:42 am
Today our forum was attacked by a turkish team of hackers and they vandalized our forum index page, recently we have been fighting against DDoS attacks to both our webserver and svn box, eventually they managed to do more damage like this, so much hate, but anyways lets man it up and keep going, we are going to take new measures to prevent more damage hardening our security (again), we suspect a vuln in php 5.3 so we gotta upgrade to 5.4 and everything else...
We apologize for any inconvenient caused to our users due this incident, even though we're not sure if any sensitive data was compromised during this attack, we are enforcing a password reset for everyone.
An attacker with enought time, skills and horsepower can crack password hashes with rainbow tables, passwords with less than 6 characters can be cracked in just a couple of minutes, we suggest to all our users to use a secure password with more than 8 characters and use UPPERCASE, lowercase, Numb3rs and $pecial Characters to increase your password security.
In order to ensure everyone safety we have issued a FORCED PASSWORD UPDATE for everyone, so once you login to the forums you will be asked to change your password, if you dont, you cant keep browing the forum with your account.
Again we ask for apologizes for any trouble caused.
We apologize for any inconvenient caused to our users due this incident, even though we're not sure if any sensitive data was compromised during this attack, we are enforcing a password reset for everyone.
An attacker with enought time, skills and horsepower can crack password hashes with rainbow tables, passwords with less than 6 characters can be cracked in just a couple of minutes, we suggest to all our users to use a secure password with more than 8 characters and use UPPERCASE, lowercase, Numb3rs and $pecial Characters to increase your password security.
In order to ensure everyone safety we have issued a FORCED PASSWORD UPDATE for everyone, so once you login to the forums you will be asked to change your password, if you dont, you cant keep browing the forum with your account.
Again we ask for apologizes for any trouble caused.