Author Topic:  GoDaddy Hacked!
b0b


From: Cloverdale, CA, USA
Posted 22 Nov 2021 3:01 pm

A lot of people use GoDaddy to host their personal or small business web sites. I've ranted about their business practices before, ever since a friend discovered that it's impossible to cancel their billing, but this is something else. I get a newsletter from WordFence, a WordPress security plugin company. This just appeared in my mailbox today:
Quote:
GoDaddy announced this morning that they have been breached. Our team took a deep dive into the breach and found that GoDaddy appears to have stored passwords in plaintext, or in a format that could be reversed back into plaintext, which is not an industry best practice.

We confirmed this by signing into a GoDaddy Managed WordPress Hosting Account and verifying that we were able to view our own sFTP password. That means the attacker didn't need to crack the passwords and could likely retrieve them directly.

According to GoDaddy's own SEC filing: "For active customers, sFTP and database usernames and passwords were exposed."

The attacker had access to GoDaddy's systems for over two months before they were discovered.

Click here to read the WordFence blog post about the breach.
_________________
-𝕓𝕆𝕓- (admin) - Robert P. Lee - Recordings - Breathe - D6th - Video

Wiz Feinberg


From: Mid-Michigan, USA
Posted 22 Nov 2021 5:03 pm

OMG! This is impactful on many levels to both site owners and their customers/readers.

WordPress is a constant target for hackers and Bots. The probes come all day and all night from all four corners of the World. New vulnerable files are discussed and shared, then those files are sought out. Today's main target is named: emergency.php. It is an emergency password reset file for use by the WordPress admin when he or she loses or forgets their admin password. The file is so insecure that the author recommends deleting it immediately after using it. But, it appears that many admins are overlooking this last step.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
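A defensive check for the leftover-file problem described in the post above, added here as an example and not written by any poster in this thread: it walks a hosting directory tree and reports any emergency.php still on disk, with its age. The wp-config.php marker used to recognise a WordPress root, the function names and the sample tree are assumptions constructed for the illustration.

```python
import os
import time
from pathlib import Path

# File name taken from the post above; extend the tuple for other one-off scripts.
RESET_SCRIPT_NAMES = ("emergency.php",)
# Assumption: a directory holding wp-config.php is treated as a WordPress root.
WP_MARKER = "wp-config.php"


def find_leftover_reset_scripts(web_root, names=RESET_SCRIPT_NAMES, now=None):
    """Return one finding per reset script still present under web_root."""
    now = time.time() if now is None else now
    wanted = {n.lower() for n in names}
    findings = []
    for dirpath, dirnames, filenames in os.walk(web_root):
        dirnames.sort()  # deterministic traversal order
        for fname in sorted(filenames):
            # Compare case-insensitively so renamed-case copies are not missed.
            if fname.lower() not in wanted:
                continue
            path = Path(dirpath) / fname
            mtime = path.lstat().st_mtime
            findings.append({
                "path": str(path),
                "in_wordpress_root": (Path(dirpath) / WP_MARKER).is_file(),
                "age_days": int(max(0.0, now - mtime) // 86400),
            })
    return findings


def build_constructed_tree(base):
    """Create a small constructed hosting layout: one site with a leftover file."""
    base = Path(base)
    for site, leftover in (("site-a", True), ("site-b", False)):
        root = base / site
        root.mkdir(parents=True)
        (root / WP_MARKER).write_text("<?php // constructed placeholder\n")
        if leftover:
            (root / "Emergency.PHP").write_text("<?php // constructed placeholder\n")
    return base


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        for finding in find_leftover_reset_scripts(build_constructed_tree(tmp)):
            print(finding)
```

Run from a scheduled job against the real document root, any finding is a file to delete; a large age_days value shows how long the reset script has been reachable.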

b0b


From: Cloverdale, CA, USA
Posted 23 Nov 2021 7:38 pm

An update from WordFence. Not good news:
Quote:
We have received confirmation from GoDaddy that the breach has widened to GoDaddy Managed WordPress resellers that include tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe.

We have verified that these hosts are using the same provisioning system that allows sFTP passwords to be retrieved in plain text.

Details
_________________
-𝕓𝕆𝕓- (admin) - Robert P. Lee - Recordings - Breathe - D6th - Video


All times are GMT - 8 Hours