vBulletin Breach Prompts Password Reset

[somdfunguy]

vBulletin Breach Prompts Password Reset — Krebs on Security

Forum software maker vBulletin is urging users to change their passwords following a recent breach of its networks. The attackers who claimed responsibility for the intrusion say they broke in using a zero-day flaw that is now being sold in several places online, but vBulletin maintains it is not aware of any zero-day attacks against current versions of its product.

this is good too

“Stop [blaming] this on the ‘outdated vBulletin software’,” the apparent culprit wrote. ” The fault lied within a single moderator. All of you kids that are saying upgrade from 3.x to 4.x or 5.x have no idea what you’re talking about. 3.x is far more secure than the latter. Just because it’s older, it doesn’t mean it’s any worse.”

 

[GURPS]

all based on PHP Scripting ...

 

[David]

Unfortunately, the original vB dudes sold out to some larger corporate entity a few years ago... the spirit of the pioneering internet entrepreneur, relative to vB, died right there.

Thank God the spirit is still alive in the open software development community.

 

[GURPS]

the follow on owners - IMHO - hardly ever do as fine a job as the Originators