Tuesday, March 28, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Container Journal
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About Us
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • The Chasm Between Cybersecurity Confidence and Actual Ability
  • Your Guide to The Top 15 Backend Languages For 2023
  • SaaS Risk Management for SaaS Security
  • Four Inc. Announces Partnership with MixMode to Offer Advanced AI Cybersecurity Solutions to Government Agencies
  • Wicked Good Development Episode 30: JUG, AKA the JAVA User Group
Data Security SBN News Security Bloggers Network Threats & Breaches 

Home » Cybersecurity » Data Security » Stack Overflow Discloses Digital Attack against Production Systems

SBN

Stack Overflow Discloses Digital Attack against Production Systems

by David Bisson on May 17, 2019

Stack Overflow, a popular question and answer site for programmers, disclosed a digital attack in which bad actors accessed its production systems.

TechStrong Con 2023Sponsorships Available

Mary Ferguson, VP of Engineering at the company, publicly revealed the incident on 16 May. In a statement posted to Stack Overflow’s website, she explained that someone had obtained production-level access to the platform on 11 May. She clarified that the company has investigated the extent of access acquired by the unknown parties. Through this effort, the website’s security personnel determined that those individuals had not compromised any customer data.

“Our customers’ and users’ security is of the utmost importance to us,” Ferguson explained. “After we conclude our investigation cycle, we will provide more information.”

This isn’t the first time that bad actors have attacked a question and answer website like Stack Overflow. Back in December 2018, for instance, Quora announced that a malicious party had gained unauthorized access to one of its systems. Adam D’Angelo, Quora’s CEO, said that those behind the security incident might have compromised the account information, public content and non-public content of approximately 100 million users.

Out of an abundance of caution for this possibility, Quora notified all users whose data might have been compromised. It also logged out all affected users and invalidated their passwords if they used one as their source of authentication.

In her statement, Ferguson didn’t provide further details about how the digital attackers infiltrated Stack Overflow’s systems, but she did reveal that the platform was in the process of addressing all known vulnerabilities. This statement highlights the importance of organizations using a vulnerability management program in terms of discovering, reporting on, prioritizing and ultimately responding to known security weaknesses. This program should ideally be a continuous process so that organizations can stay on top of the latest (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/stack-overflow-discloses-digital-attack-against-production-systems/

May 17, 2019May 17, 2019 David Bisson digital attack, IT Security and Data Protection, Latest Security News, Stack Overflow, vulnerability
  • ← Decentralized identity and the path to digital privacy
  • Ransomware recovery firms often just pay attackers’ ransom demands →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows
TSTV Podcast

Subscribe to our Newsletters

Most Read on the Boulevard

Phishing, Brute Force Attacks Rise in Expanded Threat Landscape
Modern Cybersecurity Problems Need Next-Gen PAM Solutions
Business Email Compromise Threats Soar Past Phishing Risks
AI/ML’s Role in Software Supply Chain Security
Survey Surfaces Need to Change SecOps Priorities
USENIX Security ’22 – ‘QuORAM: A Quorum-Replicated Fault Tolerant ORAM Datastore’
The Power of Open-Source Security: A Deep Dive
AD Security 101: SIEM Tools and AD Monitoring
Become a cloud security hero
Latest FBI IC3 Report Reveals BEC and Crypto Scams Top the List of the $10.3 Billion Losses in 2022

Upcoming Webinars

Apr 04

Key Strategies for a Secure and Productive Hybrid Workforce

April 4 @ 1:00 pm - 2:00 pm
Apr 05

Securing Kubernetes With SentinelOne and AWS

April 5 @ 1:00 pm - 2:00 pm
Apr 05

From Vulnerable to Invincible: The Five-Step Journey to Complete Cloud Security

April 5 @ 3:00 pm - 4:00 pm
Apr 12

The State of Cloud-Native Security 2023

April 12 @ 1:00 pm - 2:00 pm
Apr 13

Case Study: Improving Code Security With Continuous Software Modernization

April 13 @ 11:00 am - 12:00 pm
Apr 20

Lessons From a Live Hack: Secure Your Cloud From the Inside

April 20 @ 3:00 pm - 4:00 pm
Apr 24

Securing Open Source

April 24 @ 1:00 pm - 2:00 pm
May 03

https://webinars.securityboulevard.com/ciso-panel-tips-for-optimizing-cloud-native-security-stack-in-2023?utm_campaign=2023.05.03_Aqua_Webinar_SB&utm_source=BMRegister

May 3 @ 3:00 pm - 4:00 pm
May 22

Ransomware

May 22 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The State of Cloud Native Security 2020

Industry Spotlight

FINALLY! FCC Acts on SMS Scam-Spam — But Will It Work?
Analytics & Intelligence API Security Application Security Cloud Security Cyberlaw Cybersecurity Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight IoT & ICS Security Malware Mobile Security Most Read This Week Network Security News Popular Post Security Boulevard (Original) Security Operations Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust 

FINALLY! FCC Acts on SMS Scam-Spam — But Will It Work?

March 17, 2023 Richi Jennings | Mar 17 0
White House to Regulate Cloud Security: Good Luck With That
Analytics & Intelligence Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Security DevOps Editorial Calendar Featured Governance, Risk & Compliance Humor Incident Response Industry Spotlight Malware Most Read This Week Network Security News Popular Post Ransomware Securing Open Source Security Awareness Security Boulevard (Original) Security Operations Software Supply Chain Security Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

White House to Regulate Cloud Security: Good Luck With That

March 13, 2023 Richi Jennings | Mar 13 0
‘Extraordinary, Egregious’ Data Breach at House and Senate
Analytics & Intelligence API Security Application Security CISO Suite Cloud Security Cloud Security Cyberlaw Cybersecurity Data Security Editorial Calendar Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Most Read This Week Network Security News Popular Post Ransomware Securing Open Source Security Awareness Security Boulevard (Original) Security Operations Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

‘Extraordinary, Egregious’ Data Breach at House and Senate

March 10, 2023 Richi Jennings | Mar 10 0

Top Stories

The Chasm Between Cybersecurity Confidence and Actual Ability
Cloud Security Cybersecurity Data Security Featured Network Security News Security Awareness Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

The Chasm Between Cybersecurity Confidence and Actual Ability

March 28, 2023 Michael Vizard | 17 minutes ago 0
ChatGPT Less Convincing Than Human Social Engineers in Phishing Attacks
Analytics & Intelligence Cybersecurity Featured Malware News Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

ChatGPT Less Convincing Than Human Social Engineers in Phishing Attacks

March 28, 2023 Teri Robinson | 5 hours ago 0
Thirdera Looks to Secure ServiceNow SaaS Applications
Application Security Cloud Security Cybersecurity Featured Identity & Access News Security Boulevard (Original) Social Engineering Spotlight Threats & Breaches Vulnerabilities 

Thirdera Looks to Secure ServiceNow SaaS Applications

March 28, 2023 Michael Vizard | 6 hours ago 0

Security Humor

Randall Munroe’s XKCD ‘Relative Terms’

Randall Munroe’s XKCD ‘Relative Terms’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Container Journal
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.