- Tatwins One
- Membre RLFB
- Messages : 1495
- kuchnia na wymiar wrocław
- Inscription : ven. 07 oct. 2005, 22:16
hier, j'ai reçu un mail de la 501ST comme quoi le site de la RL aurait été pirater et nous incitait à changer de mot de passe.
Comment cela fait-il qu'on a pas été informé par la RLFB et encore moins par la RL ???
J'apprend ça par la 501st, l'organisation soeur , c'est pas sérieux tout ça ?
Qui pourrait m'expliquer ces dysfonctionnements ?
Message du mail :
Members of the 501st,
Last week it was announced that there was a vulnerability discovered on the Rebel Legion website that could result in a bad actor obtaining email addresses and passwords for that site. If you happen to be a member of the Rebel Legion, it would be a good idea to change your name and passwords on any site that you may share that combination of username, email address and password (including 501st.com).
It is of course always best practice for all members to consistently review their passwords on any site. If any more information presents itself, we will pass it on to membership.
Legion Commanding Officer
"Hello all, TLDR: IMPORTANT! Update your forum password immediately to a password you do not use for any other online accounts. In the process of preparing to upgrade the forums, it has been brought to the attention of RL leadership that a security vulnerability exists on the forum. This vulnerability can be exploited to expose all the data in the database including usernames and passwords. This vulnerability has probably existed since the forum was put online over a decade plus ago. The web team has removed the pages associated with the vulnerability. You will no longer be able to via costume listings via the main website. The vulnerability existed in custom code and not core phpBB code. We do not believe this vulnerability has been exploited by a nefarious 3rd party. However, we ask all forum users to please update their passwords to a password you do not use for any other website or account as a safety precaution. Also if you or anyone else uncovers a security vulnerability such as this please contact the web team but do not use the exploit inappropriately. If the web team and leadership find out any person has exploited and shared the vulnerability, appropriate disciplinary action will be taken per the Charter.
The above is an email sent to you by an administrator of "Rebel Legion". If this message is spam, contains abusive or other comments you find offensive please contact the webmaster of the board at the following address:
Include this full email (particularly the headers)."
Et prévenu aussi via facebook (RLFB - Station Ouest)