Patch this vulnerability immediately, if not yet. Patches can be accessed here.
Comodo (slogan: “creating trust online”), a leading cloud-based cybersecurity platform, disclosed that its forum was hacked and 2,45,000 users’ personal data was leaked. Comodo, said to be the global leader in providing cybersecurity solutions, failed in securing own forums from cyberattacks.
The hackers exploited a new vulnerability in Comodo’s user forum (vBulletin) to steal the personal data of Two Lakh Forty-Five thousand (2,45,000) users. The data included username, name, email address, last IP used to access the forums and if used, potentially some social media usernames.
Comodo is a freemium provider of endpoint protection which is a New Jersey-based (but UK-founded) company. It said the attack vector was a recently disclosed vulnerability or zero-day in vBulletin, a widely used server application for website comment forums.
The zero-day was dumped on the SecLists security forum on September 23, but the company was not competent to patch the forum immediately. vBulletin released patches for the software two days later. Enterprise security teams can access the patch here. All vBulletin Cloud sites have already been patched. Unfortunately, it was attacked on the fourth day after the patches were released.
This is Comodo’s second security flaw in 2019 following another attack involving an exposed password, which allowed a security researcher access to the company’s intranet — and access to internal files and documents.
In an alert to users published Monday meanwhile, Shane McGillian product group manager for Comodo wrote: “Our investigations are ongoing to determine what data, if any, has been accessed. User accounts on the forums contain information such as username, name, email address, last IP used to access the forums and if used, potentially some social media usernames in very limited situations.”
Comodo is advising all of its users to immediately change their passwords.
Comodo One’s team said to cbronline media: “As far as our company is concerned none of our servers has been breached. Also, we aren’t notified about the breach until now.”
Comodo itself said: “We deeply regret any inconvenience or distress this vulnerability may have caused you, our users.
“As members of our community of Comodo Forum users, we want to reassure you that we have put in place measures to ensure that vulnerabilities in third-party software, such as vBulletin, will be patched immediately when patches become available.”
You may be interested in reading: EX – YAHOO EMPLOYEE SNEAKS INTO 6000 ACCOUNTS FOR SEXUAL CONTENT