infosec-handbook.eu

Matrix.org publishes timeline after security breach:

matrix.org/blog/2019/04/11/sec

– the attacker exploited vulnerabilities in Jenkins
– the attacker had full database access, including access to unencrypted content like private messages, passwords hashes, access tokens
– Matrix.org recommends changing your password (including NickServ password)

· 3 · 49 · 10
Fallstar  

@infosechandbook Looks down again. :/

0
🇳🇴 Tor Christian  

@infosechandbook Seems like #matrix is still #breached. matrix.org shows a manifesto.

0
Aladar  

@infosechandbook
Matrix is such a mess. I've been using it for like a year and this is about the third MAJOR security problem they had. Avoid at all cost.

1
vbrandl  

@aladar
I can't remember the other two. Could you refresh my memory?
@infosechandbook

1
Aladar  

@vbrandl
There's been bugs that destroyed rooms to the point of having to delete the entire history, I don't even know if they're foxss yet since they were already old at the point I learned of them
@infosechandbook

0
Sign in to participate in the conversation
Mastodon

mastodon.at is a microblogging site that federates with most instances on the Fediverse. Note: This instance will shut down on February 29th, 2020.

Trending now

Resources

Developers

What is Mastodon?

mastodon.at

More…