Forum Hacks- Brazzers hit from badly managed vbulletin site


#1

Guys, keep in mind when on other forums the software they use. Most use vbulletin with exceptions to eroids and musclegurus using drupal.

As I have stated before about PM and database security and encryption, we go an extra step in our database so there is no information even we can see if you message thru the forum. Other forums dont take that step.

Excerpt from the article.

“Matt Stevens, public relations manager from Brazzers, told Motherboard in an email, “This matches an incident which occurred in 2012 with our ‘Brazzersforum,’ which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the ‘vBulletin’ software, and not Brazzers itself.””

“We’ve seen a real spate of vBulletin breaches where the software had been left pretty much unattended and unloved,” he added. “Vulnerabilities have been found and patches have been issued yet the admins have maintained the product and very well-known, easily exploited vulnerabilities have led to breaches like this one.”

Often, the problem is that sites using vBulletin have been left in a state of disrepair, allowing hackers to leverage publicly known vulnerabilities and grab user details.The anonymous Brazzers user told Motherboard, “The only way to force change is to bring it to public opinion to encourage businesses to respect our data and put the proper security measures in place to secure it.”