Solidot: PHP.net遭黑客入侵植入恶意程序

Solidot

奇客的资讯，重要的东西

PHP.net遭黑客入侵植入恶意程序
http://solidot.org.feedsportal.com/c/33236/f/556826/s/32e59a41/sc/28/l/0L0Ssolidot0Borg0Cstory0Dsid0F36962/story01.htm
Oct 25th 2013, 08:33

PHP语言官方网站被入侵植入了JavaScript恶意代码，悄悄在浏览者电脑上安装恶意程序。但攻击者是通过哪个安全漏洞入侵系统PHP.net尚无头绪。PHP.net已经连续发表了两个声明解释这次事故，称调查发现两台服务器被入侵，它们分别托管www.php.net、static.php.net和git.php.net域名，以及托管bugs.php.net域名，所有服务已经迁移到新的服务器。Git源码库验证之后没发现问题。它怀疑攻击者可能访问了 php.net SSL证书的私钥，因此撤销了证书，在新证书发布前SSL加密连接不可用。 php.net宣布，未来几天所有用户将需要重置密码。根据Alexa排名，php.net的排名排在第228位。This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers. Five Filters recommends: Massacres That Matter - Part 1 - 'Responsibility To Protect' In Egypt, Libya And SyriaMassacres That Matter - Part 2 - The Media Response On Egypt, Libya And SyriaNational demonstration: No attack on Syria - Saturday 31 August, 12 noon, Temple Place, London, UK



You are receiving this email because you subscribed to this feed at https://blogtrottr.com

If you no longer wish to receive these emails, you can unsubscribe here:
https://blogtrottr.com/unsubscribe/cz0/jPbdSR