Latest News: Technology |  Celebrity |  Movies |  Apple |  Cars |  Business |  Sports |  TV Shows |  Geek

Trending

Filed under: News | Technology News

 

Drupal Hacking Results Password Resets

Drupal is being hacked. The company has officially announced that unauthorized access is found to be made for user information for Drupal.org and its groups. These accounts are in millions while Drupal yet said that CMS account information is still safe.

May 30 2013, 1:17pm CDT | by

1 Updates
Drupal Hacking Results Password Resets
 
 

YouTube Videos Comments

Full Story

Drupal Hacking Results Password Resets

Drupal Hacking Results Password Resets

Drupal Association Executive Director Holly Ross officially disclosed a statement after initial security audit at their end. It states to undergo certain security measures which are necessary to protect your Drupal.org accounts from mishandling or hacking. The substructure of Drupal was compromised with the installation of third party software. It exposed certain information on Drupal.org website and its subdomain groups.drupal.org. A hacked injection into their system made users vulnerable by exposing the following information;

  • Username
  • Email address
  • Country
  • Password in hash code format. These are stored in PHPass format after multiple hashing techniques. It can be broken with the support of a certain high profile servers with high processing power.

The above mention information can be used to reset password of Drupal.org passwords. And to protect users ED Holly Ross given a detailed press briefing with suggested security checks and measures. This website does not store any sensitive information like address, credit card credential, CVV code.

Holly Ross has recommended for its users to change their .org password. It is a precaution to protect users if somehow hash security is compromised. You need to visit drupal.org site with your credentials. It required email address and username. Ask the server to send a reset password link to your email address. You will receive email in fifteen minutes. Open the email, click on reset URL. It will take you to a URL where you can enter your new password.

Drupal Association has taken the following precautionary steps. But the aforementioned steps are just part of extra measures.

  • Whole server set is scanned with antivirus for any sniffer, virus or other malicious programs. The process is still on as I am writing this article. It will remove any extra junctions to the existing file signatures.
  • The backend server is Apache. Its configurations are modified to restrict access to certain sensitive files and folders.
  • The whole server will now be converted into static content being archived on separate servers just like Google keeps cache. And the websites which are not dynamic will be shifted to static archives too. It will make restoring data and checking modification signatures easy process for security experts.

The security audit is complete on initial stage and yet forensic analysis is pending. There is not proof that core files of Drupal are modified but will soon come to know. The third party software that caused the malicious injection in system is notified and made public about the flaw. Association is not yet clear about the intention or purpose of this act.

 

You Might Also Like

Updates


Sponsored Update


Advertisement


More From the Web

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/20" rel="author">Sumayah Aamir</a>
Sumayah Aamir (Google+) has deep experience in analyzing the latest trends.

 

 

Comments

blog comments powered by Disqus

Latest stories

 Ricky Martin Planning To Add A Baby Girl To His Family Next Year
Ricky Martin Planning To Add A Baby Girl To His Family Next Year
Before increasing his family he plans to launch a new disc in early 2015 and start off on a promotional tour.
 
 
Ewan McGregor and Scarlett Johanssen make Audiences Obese
Ewan McGregor and Scarlett Johanssen make Audiences Obese
Ewan McGregor and Scarlett Johanssen have acted together in many action movies together. However, the audiences that watch these flicks often snack so much during the viewing that they become obese in the end.
 
 
Jesse Eisenberg to Go Bald for Lex Luthor in Batman V Superman
Jesse Eisenberg to Go Bald for Lex Luthor in Batman V Superman
The role Jesse Eisenberg plays of Lex Luthor in Batman V Superman is a tentative deal. Is Lex Luthor bald in the movie? Will Jesse Eisenberg shave his head?
 
 
The LG G Watch Is $50 Off ($179.99) With Free Shipping At Best Buy
The LG G Watch Is $50 Off ($179.99) With Free Shipping At Best Buy
In-Store pickup is not an option for this deal
 
 
 

About the Geek Mind

The “geek mind” is concerned with more than just the latest iPhone rumors, or which company will win the gaming console wars. I4U is concerned with more than just the latest photo shoot or other celebrity gossip.

The “geek mind” is concerned with life, in all its different forms and facets. The geek mind wants to know about societal and financial issues, both abroad and at home. If a Fortune 500 decides to raise their minimum wage, or any high priority news, the geek mind wants to know. The geek mind wants to know the top teams in the National Football League, or who’s likely to win the NBA Finals this coming year. The geek mind wants to know who the hottest new models are, or whether the newest blockbuster movie is worth seeing. The geek mind wants to know. The geek mind wants—needs—knowledge.

Read more about The Geek Mind.