Nearlyfreespeech因账户安全漏洞紧急维护
今天登陆Nearlyfreespeech的时候发现无法登入,提示主机服务商正在维护系统,提示进入http://status.nearlyfreespeech.net,可以看到nearlyfreespeech发布的公告,关键是其中的这一段:
Update: We regret to report that this is a security-related issue. Someone was able to able to obtain sufficient privileges to adjust their account balance. We do have a complete binary log of the handful of database changes they made, and we understand how it was done. Unfortunately, it is going to take us some time to make the changes needed to ensure our members and we are properly protected from similar attacks in the future.
说明有人通过系统漏洞获取了足够的权限以修改他们的账户余额。其实在选用nearlyfreespeech的主机时,我就介绍过他们独特的收费政策(详情查看我的这篇blog第二次搬家和最近的流水账),当时我就担心过账户的安全问题。截止北京时间今天15点,Nearlyfreespeech宣称已经修复了这一问题,后台的control panel也恢复正常。另外在整个过程中主机并没有宕机,我的Blog也可以正常访问。
相关文章
IT
No Comments, 留言 or 引用
发表评论