Quote:
Originally Posted by RazorSharpe
I'm not asking you to make public what you want to do or even asking you to use this thread as a launchpad for alerting people to the issue. This is exactly why I suggested you email ALL your clients, myself included, and don't expect us to contact you.
This is a serious issue and one that needs to be handled expeditiously and I for one want to know how this happened and why it happened. This isn't a chance exploit of an admin account. The person knew enough to gain access to the NATS specific admin account and has done so on numerous installs that I currently know of. Based on this fact alone, you cannot blame any of us for thinking that it may perhaps have not been a security exploit but rather a leaked password.
Asking those who find an issue to contact you is kind of silly since it is now safe to assume that anyone who has not disabled the NATS account has been compromised or will be compromised in due course.
...
|
I am not going to do this on a public forum. You are more than welcome to contact us to discuss. As I have a said, we will be sending an email out.