WUS forums, breached

TP61 · Nov 6, 2017

I know one or two of us are on there. All passwords need a reset
https://krebsonsecurity.com/2017/11/2nd-breach-at-verticalscope-impacts/

Pitfitter446 · Nov 6, 2017

Did it yesterday, good to know that they were on the ball(ish) to try and minimise the damage.

elbeik · Nov 6, 2017

Reset mine.
Tapatalk however did not prompt me for the new password...

OttoWilliam · Nov 6, 2017

So what are the website that breached again ? Watchuseek and toyotanation only ?
Hacking seems to increase a lot due to bitcoin rising.
If you open porn website from your phone as well. Be careful of your bitcoin wallet. I watched the john mcafee seminar.

Mr_Orange · Nov 6, 2017

This isn't the first time VerticalScope has been hacked. In fact, this is the second time in about 18 months and they still have not implemented https for their site. They claim that with over 1000 sites on their network, they can't just switch on https. Whilst this may well be true, it shows just how poorly set up they are to manage all the forums they own. It is a shame that WUS sold out to VerticalScope.

Calibre11 · Nov 6, 2017

Very frustrating. I don't know why implementing HTTPS is that difficult- even if its not flipping a switch. @dsio got HTTPS up and running here over a weekend and I did the same at Calibre11.com, even though the risks there are not as high as they are here on the forum (because only a couple of people are entering data on Calibre11.com)

dsio · Nov 7, 2017

Calibre11
Very frustrating. I don't know why implementing HTTPS is that difficult- even if its not flipping a switch. @dsio got HTTPS up and running here over a weekend and I did the same at Calibre11.com, even though the risks there are not as high as they are here on the forum (because only a couple of people are entering data on Calibre11.com)

Its not hard at all, literally you pay $30 or so for the SSL cert, an hour total in configuration and the rest is just making sure all of our other links were correct which is done by automated scripts. The thing is they have shareholders and need to be delivering the highest profits possible which means getting every last dollar out of the sites while spending only when absolutely necessary, we don't have any such pressure in that regard. Some further info here: https://www.hackread.com/verticalscope-hacked-again-millions-affected/

Calibre11 · Nov 7, 2017

dsio
Its not hard at all, literally you pay $30 or so for the SSL cert, an hour total in configuration and the rest is just making sure all of our other links were correct which is done by automated scripts. The thing is they have shareholders and need to be delivering the highest profits possible which means getting every last dollar out of the sites while spending only when absolutely necessary, we don't have any such pressure in that regard. Some further info here: https://www.hackread.com/verticalscope-hacked-again-millions-affected/

Many thanks Ash..not sure everyone here realises how much you do behind the scenes to keep this forum alive and well 👍

dtf · Nov 7, 2017

dsio
Its not hard at all, literally you pay $30 or so for the SSL cert, an hour total in configuration and the rest is just making sure all of our other links were correct which is done by automated scripts. The thing is they have shareholders and need to be delivering the highest profits possible which means getting every last dollar out of the sites while spending only when absolutely necessary, we don't have any such pressure in that regard. Some further info here: https://www.hackread.com/verticalscope-hacked-again-millions-affected/

I suspect their argument is around the increased load caused by using https over http and thus increased cost. But I agree, idiots. The response to the first hack was appalling, as a result a few forums I use have pretty much shut down.

elbeik · Nov 7, 2017

So their logic is, don't add "futile costs" at the expense of loosing your forums and community?

imagwai · Nov 7, 2017

Who knows what their excuse is really. Could be a very complex setup across multiple sites that means the upgrade is a major rework of their infrastructure and software. Not an excuse for not doing it, though.

I'm spending more time here and on Omega Forums lately. Too many subforums to navigate on WUS, and it's a bit slow too.

dtf · Nov 7, 2017

Execs never care about security until it's gone wrong and they're getting fired. Just ask the ceo of equifax.

Aquagraph · Nov 7, 2017

imagwai
Who knows what their excuse is really. Could be a very complex setup across multiple sites that means the upgrade is a major rework of their infrastructure and software. Not an excuse for not doing it, though.

I'm spending more time here and on Omega Forums lately. Too many subforums to navigate on WUS, and it's a bit slow too.

It's painfully slow to be honest...

WUS forums, breached

TP61

Pitfitter446

elbeik

OttoWilliam

Mr_Orange

Calibre11

dsio

Calibre11

dtf

elbeik

imagwai

dtf

Aquagraph

Similar threads

The Tron/FU Monaco - A break with tradition (again?)