Posts from May 2013
Another day, another big site hacked. 2013 really just hasn’t been a good year for web security.
This time around, the site writing the email that noone wants to write is Drupal.org, home of the popular content management platform, Drupal. Though no exact number was shared, it appears that nearly one million user accounts are affected.
Also affected are the user accounts of groups.drupal.org, a sub-site meant to help Drupal users establish meetup groups in the real world.
Word of the break-in went out this evening, when Drupal began to email affected users.
In an FAQ about the hack on their site, Drupal says that they currently have no idea who might be behind the attack. So far, it seems like the hackers had access to usernames, email addresses, and hashed passwords.
read more via [techcrunch]
You can now backup sites even more securely by using SSH Key authentication within Backup Machine.
If your hosting provider supports them, SSH keys offer greater levels of security than regular passwords.
To enable this functionality, simply specify “SSH / SFTP” in our simple “Add Website” wizard, then upload a private key from your server, rather than supply a password.
Your private SSH key should be kept secret, just like your password. When you upload your key, we strongly encrypt it to keep it safe.