An Outdated vBulletin Installation Has ZoneAlarm's Forum Site Breached by Hackers

ZoneAlarm Forum Breached

It's common knowledge that no one is immune from cyberattacks, and if you still need further proof of this, you can have a look at some of the security companies that were successfully breached by cybercriminals. ZoneAlarm, a subsidiary of Check Point, is the latest example.

Earlier this week, several news outlets reported that ZoneAlarm had suffered a data breach. One of the first things that must be pointed out is that the incident isn't especially impactful. The attackers hit ZoneAlarm's forums, and they stole personal information that belongs to a relatively small number of users. According to The Hacker News, the intruders managed to steal the names, email addresses, dates of birth, and hashed passwords of around 4,500 people.

ZoneAlarm took the entire forum down in order to ensure that it's secure, and when it puts it back online, it will enforce a password reset for all users. As usual, affected people who have reused the same credentials at other websites are advised to change them there as well, despite the fact that the stolen passwords are hashed and should, therefore, be difficult (if not practically impossible) to retrieve.

All in all, it's not the end of the world, but there are a few worrying aspects about the incident that can act as a reminder of how even the experts don't always behave the way you'd expect them to, both before and after such an incident.

ZoneAlarm decides to make as little noise as possible

Neither ZoneAlarm nor Check Point, have made any official announcements regarding the cyberattack. Even now, after a spokesperson has admitted that there has been a data breach, the lack of a detailed report communicated through all the usual channels is striking.

Some might say that the breach doesn't deserve that much attention because the number of affected users is limited, and the stolen data isn't especially sensitive. There are several problems with this argument. For one, although the stolen information doesn't include any payment details or data that could lead to identity theft, it can still be used in other attacks that could be much more damaging.

Furthermore, regardless of the amount and nature of the pilfered information, a company that has suffered a data breach should always be as transparent as possible about what has happened. And in this case, the only thing users received is an email notification that doesn't go into too many details about what caused the data breach. Speaking of which, the breach itself was the result of a mistake that security companies shouldn't really make.

Another day, another security company gets attacked after it fails to patch its software

About a month and a half ago, Comodo announced that hackers had successfully managed to attack one of the messaging boards it owns and had gained access to close to a quarter of a million user records. The security company admitted that the crooks managed to get in after exploiting CVE-2019-16759 – a remote code execution vulnerability in the vBulletin forum software. The security flaw was publicly disclosed a few days before the attack, and a patch was released almost immediately. As you might have guessed, Comodo failed to update its forum, and the hackers didn't need a second invitation.

You'd expect that other people in the cybersecurity industry would learn from Comodo's mistake and would try to stay on top of their updates. Unfortunately, ZoneAlarm made no attempts to save themselves the embarrassment of getting hacked because of negligent patch management.

CVE-2019-16759 affects all vBulletin versions between 5.0.0 and 5.5.4, but the people running the project think that nobody should be using older versions of the software anyway, which is why patches were made available only for versions 5.5.2 and newer. ZoneAlarm's forum was running on vBulletin 5.4.4, which meant that it was basically a sitting duck for the hackers.

This particular data breach is far from the worst one we've seen, but it does go to show that even the people who should know better haven't escaped the "it won't happen to me" mentality. Unfortunately, the next time this sort of thing happens, the consequences could be much more serious.

By Duran
November 13, 2019
News
English
November 13, 2019
News

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Malware

What Hackers Do After Gaining Access to a Website

What are Hackers' objectives? Hackers usually infect websites with malware. Malware can execute many complex and malicious actions on a website, such as malvertising, illegal downloads, ransomware, and more. Online... Read more

September 4, 2019
Tips

Hackers Can Turn Headphones into 'Acoustic Weapons,' Cybersecurity Expert Warns

The speakers on your smartphone, PC, and other devices connected to the internet could be weaponized by hackers and used against you, security researchers say. One such expert believes that it is a very real threat.... Read more

September 3, 2019
Tips

How Much Is Your Bank Account Worth to Hackers?

We all know that hackers would love nothing more than to get their hands on a juicy bank account. Easy money, right? But just how much can a stolen bank account go for in the pits of the Dark Web? Well, a newly... Read more

November 16, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.