May22
Just read this article about CMP sites getting “turked” (maybe I should get a copyright on that term…hmmm). The CMP IT staff said the fix was “nothing phenomenal, pretty run of the mill.” I found this comforting and disconcerting simultaneously.
I found it comforting because I heard some speculation that this Turk was possibly using a zero-day to attack these sites. It looks like this dispells that theory.
I found it disconcerting because the “…flaw came from some old code from a third-party vendor, which apparently had been overlooked on previous security audits.” I know they don’t want to give away what they use, but I want to know what it is in case I have something running it.
Vet
