Re: [Mickaboo Techlist] Possible spam / security breach in Wiki

Vinny: Thanks for the heads-up - it was a spammer with a confluence-users account - the most base level of access without the ability to write to anything other than your personal page. Sure enough, it's a spammer who signed up for a personal page. Either they were approved by accident (possible) or there is a bug in confluence that lets unapproved signed-in users still edit their personal space. Either way I'll check it out.

Vincent J. Hrovat wrote:
Hi Matt,
On Wiki's dashboard this morning I saw the following recent activity:
I was curious because the naming of this account was not consistent with normal Wiki naming standards. I see in this user's "About me" that he has a thinly-veiled advertisement for a get rich quick scheme. A bit of google research shows me that Bill Bartmann is a promulgator of GRQS with books, web sites, seminars, etc. Also, I verified that Bill Bartmann is not set up in ASM.
You may have already seen this but FYI in case you didn't. Thanks.
*Vincent J. Hrovat*

FYI tech folks, when the 'adaptavist user management' plugin was uninstalled, it left 'Public signup' enabled but without the approvals process. This resulted in a spammer getting a page (we've deleted it). Until I have a replacement for the user management workflow plugin for confluence, I'm disabling public signup - so we'll have to ask people who need accounts to email us at tech-help@mickaboo.org - which is pretty much what they do anyway, so I don't anticipate much impact.

AMuse wrote:
Vinny: Thanks for the heads-up - it was a spammer with a confluence-users account - the most base level of access without the ability to write to anything other than your personal page. Sure enough, it's a spammer who signed up for a personal page.
Either they were approved by accident (possible) or there is a bug in confluence that lets unapproved signed-in users still edit their personal space. Either way I'll check it out.
Vincent J. Hrovat wrote:
Hi Matt,
On Wiki's dashboard this morning I saw the following recent activity:
I was curious because the naming of this account was not consistent with normal Wiki naming standards. I see in this user's "About me" that he has a thinly-veiled advertisement for a get rich quick scheme. A bit of google research shows me that Bill Bartmann is a promulgator of GRQS with books, web sites, seminars, etc. Also, I verified that Bill Bartmann is not set up in ASM.
You may have already seen this but FYI in case you didn't. Thanks.
*Vincent J. Hrovat*
Participants (1): AMuse