http://www.theregister.co.uk/2012/04/05/sophos_partner_site_infected/ By Iain Thomson in San Francisco The Register 5th April 2012 Sophos has shut down its portal for partners after finding two software packages on its servers designed to allow access to them – and possibly to user data stored there, as well. The security software firm posted a statement on the portal explaining that it had spotted suspicious behavior on some of its servers this Tuesday. An investigation revealed two dodgy applications, which a preliminary examination suggests are designed to harvest login information. Sophos shut the portal down, just to be on the safe side. "We don't believe anything was stolen, but are proceeding with an abundance of caution," Chet Wisniewski, senior security advisor at Sophos told The Register. "It will remain offline while we are completing our investigation. We will bring it back online once we are sure it is safe to do so." Sophos says that the system stored partners' names and business addresses, email addresses, contact details, and hashed passwords, and that only its old portal, and not the latest SFDC, system was breached. When it's back up and running (which, given the Holy Week holiday, is unlikely to be before next week) users will be asked to reset passwords as a precaution. [...] _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.orgReceived on Thu Apr 05 2012 - 23:40:23 PDT
This archive was generated by hypermail 2.2.0 : Thu Apr 05 2012 - 23:43:23 PDT