http://news.softpedia.com/news/CloudFlar...witter_web
That doesn't seem like a good thing....
Also, the crap about how they hacked MyBB because "HF uses it" has been proven to be a load of BS from
this tweet. People may want to change CF passwords, especially Chris if he uses it :\
EDIT; i was gonna post this in the mybb security section, but i didn't think it would really fit there so i just put it here.
They wouldn't have heard of MyBB if it wasn't for HF that's the point I think they're making. Because MyBB supplies HF of the software they use it as an excuse to hack. Of course it's for fame, UGNazi aren't hacktivists like Anonymous or even latter Lulzsec were. They're doing it for the lols, they've admitted that.
You just have to hope your security is tight enough and not do anything to piss them off. Stay clear, don't get involved. I'm actually a supporter of those who use their talent for reasons like corrupt law, like Anonymous and Lulzsec have actually done. I think (don't quote me on it) that some of the members of UGNazi are former Lulzsec members, or they're trolling, I'm not sure. So they're talented, let's not deny that. I must admit though the tune on their defacement page is awesome and their image (the hitler pic) is pretty cool too.
What I've found more interesting is these guys have used social engineering to get into a lot of places they shouldn't have. That's not good news I'm afraid.
(2012-06-05, 03:38 AM)Anxiety Wrote: [ -> ]They wouldn't have heard of MyBB if it wasn't for HF that's the point I think they're making. Because MyBB supplies HF of the software they use it as an excuse to hack. Of course it's for fame, UGNazi aren't hacktivists like Anonymous or even latter Lulzsec were. They're doing it for the lols, they've admitted that.
Anonymous aren't "hacktivists" they're a bunch of skids from 4chan that DDoS people.... lol.
(2012-06-05, 03:36 AM)Nathan Malcolm Wrote: [ -> ]People have no need to change any passwords.
it's probably better to be safe than sorry though.
(2012-06-05, 03:36 AM)Nathan Malcolm Wrote: [ -> ]They never obtained the database or had database access. The system engineers have access to the database, Matthew, the CEO, does not.
But according to the timeline they posted they had access to change passwords on other accounts, who probably have access to the database.
"But according to the timeline they posted they had access to change passwords on other accounts, who probably have access to the database.
[/quote]
Just to clarify..
CloudFlare Admins and reps would get a bcc: email for password reset tokens & this helped us troubleshoot issues customers had resetting their passwords. We have since stopped this because of the issues outlined in the blog posts covering this topic.
(2012-06-05, 03:43 AM)Dark Entities Wrote: [ -> ] (2012-06-05, 03:38 AM)Anxiety Wrote: [ -> ]They wouldn't have heard of MyBB if it wasn't for HF that's the point I think they're making. Because MyBB supplies HF of the software they use it as an excuse to hack. Of course it's for fame, UGNazi aren't hacktivists like Anonymous or even latter Lulzsec were. They're doing it for the lols, they've admitted that.
Anonymous aren't "hacktivists" they're a bunch of skids from 4chan that DDoS people.... lol.
Are you dense? Look at anonymous targets and statements. They take down Child pornography websites at a bigger rate then governments. They attack governments that try to make opressive laws.
During the protests in Egypt they provided dial up accounts so news could flow out of the country... Anonymous does more good work then you expect.
(2012-06-05, 04:25 AM)Lo. Wrote: [ -> ] (2012-06-05, 03:43 AM)Dark Entities Wrote: [ -> ] (2012-06-05, 03:38 AM)Anxiety Wrote: [ -> ]They wouldn't have heard of MyBB if it wasn't for HF that's the point I think they're making. Because MyBB supplies HF of the software they use it as an excuse to hack. Of course it's for fame, UGNazi aren't hacktivists like Anonymous or even latter Lulzsec were. They're doing it for the lols, they've admitted that.
Anonymous aren't "hacktivists" they're a bunch of skids from 4chan that DDoS people.... lol.
Are you dense? Look at anonymous targets and statements. They take down Child pornography websites at a bigger rate then governments. They attack governments that try to make opressive laws.
During the protests in Egypt they provided dial up accounts so news could flow out of the country... Anonymous does more good work then you expect.
I will admit that some of them do good things, but a majority of the people that claim to be in anonymous are skids from 4chan who think they're hackers because they can shoot packets at a website until it crashes.
(2012-06-05, 05:03 AM)Dark Entities Wrote: [ -> ] (2012-06-05, 04:25 AM)Lo. Wrote: [ -> ] (2012-06-05, 03:43 AM)Dark Entities Wrote: [ -> ] (2012-06-05, 03:38 AM)Anxiety Wrote: [ -> ]They wouldn't have heard of MyBB if it wasn't for HF that's the point I think they're making. Because MyBB supplies HF of the software they use it as an excuse to hack. Of course it's for fame, UGNazi aren't hacktivists like Anonymous or even latter Lulzsec were. They're doing it for the lols, they've admitted that.
Anonymous aren't "hacktivists" they're a bunch of skids from 4chan that DDoS people.... lol.
Are you dense? Look at anonymous targets and statements. They take down Child pornography websites at a bigger rate then governments. They attack governments that try to make opressive laws.
During the protests in Egypt they provided dial up accounts so news could flow out of the country... Anonymous does more good work then you expect.
I will admit that some of them do good things, but a majority of the people that claim to be in anonymous are skids from 4chan who think they're hackers because they can shoot packets at a website until it crashes.
Yes, anyone can claim to be part of anonymous as it isn't a "thing" it's an "idea". They may be skids but they still target oppressive governments and corrupt corporations. They are still hacktivists.
You're basically saying people who stand outside government buildings with signs and banners aren't activists because they possess no real political skill? That is absurd.
(2012-06-05, 03:43 AM)Dark Entities Wrote: [ -> ]But according to the timeline they posted they had access to change passwords on other accounts, who probably have access to the database.
Yes. They may have been able to change
cloudflare account passwords. That won't have gotten them anywhere. They could reset the technicians cloudflare passwords but would only then have access to the technicians cloudflare accounts. You really think cloudflare's admin section has a PHPMyAdmin style interface? No. The database is likely only accessible directly through their web server control panel (if they use one) or through desktop MySQL clients.
(2012-06-05, 03:43 AM)Dark Entities Wrote: [ -> ]Anonymous aren't "hacktivists" they're a bunch of skids from 4chan that DDoS people.... lol.
Not sure if serious. Please research this before posting and pretending you even have one speck of knowledge on the subject. I doubt many skids can go and deface government websites at their will in protest of their actions. Anonymous are nothing to do with 4chan. Posts like yours genuinely anger me. Anonymous intercepted calls between Scotland Yard and the CIA and many other pretty high profile stuff.
People are under the misconception that Anonymous is a bunch of kids installing LOIC (google it) and calling themselves hacktivists. You're so wrong. Anonymous has organised peaceful protests all around the world in hundreds of different countries. Do you think they'd make a documentary over some "skids"? Give it a break man.