The Arcive of Official vBulletin Modifications Site.

vbresults · #61 11-16-2013, 07:51 PM

Quote:

Originally Posted by Digital Jedi

So wait, they went ahead and sent out emails to change your password just to sate hacking paranoia?

You and I both know what's happening here, and it's not that.

TheLastSuperman · #62 11-16-2013, 07:59 PM

Quote:

Originally Posted by motorhaven

Put away your lame assumptions about someone's experience and your weak lessons before you embarrass yourself. I know what social engineering is - I was dealing with people doing that stuff back in the 1980s, when I wasn't busy coding in assembler. That was well before I started one of the first enthusiast groups on the Internet.

Macrumors has nothing to gain by saying they were hacked. They have credibility to lose, as a matter of fact.

Hey bud, welcome to 2013... this is not the 1980's so continuing to spread rumors when you're not up to par on the situation and apparently do not know the full details or extent of said situation is simply not the right thing to do in my opinion... why do I say that?

Quote:

Originally Posted by motorhaven

There is a big difference between "making stuff up" and not having information which agrees with yours.

^ Case in point... I don't know the full extent of the situation and if I don't then neither do you so it does not matter if other information does not agree with "yours". Paul would know more then either of us - assumptions and justifications to what you see are fine but continuing to post them as rumors is not because at the time of your initial posts the most info we all had on this was that released by the so-called "hackers" and does everyone take what they say at face value? Pffffft I hope not so neither should you have see my point?

Quote:

Originally Posted by Digital Jedi

So wait, they went ahead and sent out emails to change your password just to sate hacking paranoia?

Apparently because Paul already stated they hacked a QA server... so yes ladies and gents if it was an old copy of vb.com database on that QA server and your passwords had not changed then common sense tells us that you need to change your passwords, do that regardless of what you read.

DO NOT USE THE SAME PASSWORD FOR EVERY SITE! Buy a cheap black ledger book from an office supply store/wal-mart etc and write down the passwords for each site, keep in your desk drawer for easy reference. You can also have your broswer remember passwords, I do the ledger book because if the right virus hits your pc then all that info is known as well.

TheLastSuperman · #63 11-16-2013, 08:00 PM

Quote:

Originally Posted by vbresults

You and I both know what's happening here, and it's not that.

You don't know neither does DJ

.

Amaury · #64 11-16-2013, 08:15 PM

Quote:

Originally Posted by TheLastSuperman

DO NOT USE THE SAME PASSWORD FOR EVERY SITE!

I actually do this to an extent.

I use the same password for all sites I'm a member of (e.g., YouTube), However, on sites where I'm a staff member, such as KH-Flare, I use a different password, which is currently the only site I have a different password on. The other sites I'm staff on aren't big / don't have a lot on them at the moment, so I use the same password as places I'm of a member of, but it's a secure password. Then there are also sites that you're staff on, but you're only a sectional moderator that, of course, doesn't have access to the admin or moderator control, so it doesn't really matter.

I actually look at the security more than the uniqueness when it comes to passwords

hugh_ · #65 11-16-2013, 09:21 PM

What hasn't been disclosed and concerns me is whether the hackers had access to customer records and financial information, and the support system which must contain a large amount of fairly sensitive customer information...

Paul M · #66 11-16-2013, 10:01 PM

Not really sure what financial information you mean.

All the log files that were examined do not show any attemped access of customer data in the support system, they basically targeted the vb user table.

motorhaven · #67 11-16-2013, 10:44 PM

Quote:

Originally Posted by TheLastSuperman

Hey bud, welcome to 2013...

Welcome to I was right.

Quote:

this is not the 1980's so continuing to spread rumors when you're not up to par on the situation and apparently do not know the full details or extent of said situation is simply not the right thing to do in my opinion... why do I say that?

Had you followed all the resources out there about it you'd have seen there was than just screen shots. But you and others were too busy looking to defend VB rather than following and reading everything at the resources, such as the long thread over at Mac Rumors where there was plenty of info.

The right thing was not IB employees initially taking the Baghdad Bob role.

Max Taxable · #68 11-16-2013, 10:51 PM

Just to keep this clear...

No one has yet said vbulletin DOT COM wasn't possibly hacked. The meter was this site, vbulletin DOT ORG.

From the link in post #3, there is NO claim of vb dot org being part of this "hack." And many here have expressed their doubts a exploit for version 4 would also automatically mean this site which uses version 3 was also "hacked."

As far as I can tell, only the author of the first post is claiming it's also vB dot org which was "hacked."

There isn't one shred of proof of that and it's not even a claim the illiterate script kiddies with their dummied up screenshot and their "patch for sale" are even making.

New Joe · #69 11-16-2013, 11:17 PM

Just got this e mail:

Quote:

This is an important message about your account.

We take your security and privacy very seriously. Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your account.
To regain access to your account:

Visit the vBulletin forums at http://www.vbulletin.com/settings/account
Enter in your existing password followed by your new password, twice for confirmation.
Save this page at the bottom.
Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you chose a password that you are not using on any other sites.
If you have any additional questions or concerns, please feel free to contact our support team at http://www.vbulletin.com/go/techsupport or support@vbulletin.com.

Sincerely,

Wayne Luke,
vBulletin Lead Technical Support.

Helping You Build Better Communities,

Chris8 · #70 11-16-2013, 11:29 PM

So... can someone explain how exactly they hacked vb.com. Can we have some more detailed answers?

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.05817 seconds Memory Usage 2,293KB Queries Executed 14 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (9)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (10)post_thanks_box (2)post_thanks_box_bit (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (2)post_thanks_postbit (10)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start fetch_musername post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start post_thanks_function_fetch_thanks_bit_start post_thanks_function_show_thanks_date_start post_thanks_function_show_thanks_date_end post_thanks_function_fetch_thanks_bit_end post_thanks_function_fetch_post_thanks_template_start post_thanks_function_fetch_post_thanks_template_end pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

Благодарность от:
Max Taxable

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!