Fedora Project investigates possible infrastructure compromise
Posted on 25 January 2011.
A security incident on Fedora infrastructure has been reported by Jared Smith, Fedora Project's leader, who confirmed that the account of one of its contributors has been compromised.

According to preliminary results of an investigation mounted by Fedora Project's Infrastructure Team, the compromise wasn't the result of an exploitation of a vulnerability.

Luckily for all, the compromised account doesn't belong to a member of any sysadmin or Release Engineering groups.

Upon being notified by the legitimate account user that something was off, the Infrastructure Team immediately proceeded to lock down the access to the account, take filesystem snapshots of all systems the account had access to, and audit SSH, FAS, Git, and Koji logs from the time of compromise to the present.

So far, they discovered that the attacker changed the account's SSH key in the Fedora Accounts System and logged in to fedorapeople.org. Fedora users are reassured that he or she did not push any changes to the Fedora SCM or access pkgs.fedoraproject.org in any way, generate a koji cert or perform any builds, or push any package updates.

"The Infrastructure Team believes that Fedora users are in no way threatened by this security breach and we have found no evidence that the compromise extended beyond this single account," wrote Smith, but they encourage anyone who might notice something is off to report it.






Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Dec 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //