April 16, 2013
Linode Customer Database Hacked

Read Marco’s thoughts on how the Linode customer database was hacked:

Yesterday, a group named HTP claimed responsibility for accessing Linode Manager web servers, we believe by exploiting a previously unknown zero-day vulnerability in Adobe’s ColdFusion application server. The vulnerabilities have only recently been addressed in Adobe’s APSB13-10 hotfix (CVE-2013-1387 and CVE-2013-1388) which was released less than a week ago.

The IRC transcript is interesting as well.

Coldfusion? Seriously?

Posted by Arcterex at April 16, 2013 09:24 AM