Hi guys, sorry that the FreeBSD Forums were offline for a couple of hours.
We were hit by an exploit against a slightly outdated XenForo version that we were still running.
The same exploit hit quite a number of XenForo installations today, including linux.org.
The FreeBSD Forums showed a defacement page for a couple of minutes before it was detected by the admins and then skillfully removed, after which the XenForo software was updated.
In the meantime the FreeBSD organization decided to take our DNS record offline, in case we were possibly spreading malware, which did not...
You are only as good as the latest software you're running and the ability to keep up with those. We had a failure in keeping up with XF and that will not happen again. This was the first security event in the 18 years that these forums have been running, and it just goes to show that there is no reason to become complacent.
Yes the same, I clicked on the link & there i could enter my email & password
I asked google ai about xenforo, it told me : freebsd-os, mariadb , nginx , php&zend.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
