It was confirmed on July 15 that Canonical, the commercial vendor behind Ubuntu Linux, was hacked, and the attacker was able to gain unauthorized access to a database of two million users. The downloaded information included usernames, email addresses, IP addresses, and passwords.
Canonical used vBulletin, a web forum software, and although it was regularly updated, the add-ons were not. Chief Executive Officer at Canonical, Jane Silber, acknowledged that there was a known SQL injection vulnerability in Forum Runner, a vBulletin add-on that hadn’t been patched, which led to the attack.
Researchers at ESET discovered a new Mac malware, Keydnap, a backdoor program designed to steal credentials stored in Apple OS X keychains. When downloaded, the malware appears as a .zip file which contains a .txt or .jpg that has an additional space at the end of the filename. Opening the file will execute in the Terminal application, not in Preview or Text Edit. Once successfully executed, the code will download and install the backdoor, which will add an entry to the LaunchAgents directory to ensure it’s there even after a reboot. The backdoor can now receive commands to steal contents of the OS X keychain.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.