Dear friends and fellow community members,
It is with regret, that I inform you of a breach that's affected our community forum. I reported publicly (Security Notice) of a potential VB5 vulnerability that allowed the malicious injection of a zero-day exploit. This exploit was detected and quickly corrected, but unfortunately, it does now appear some emails and subsequent passwords were leaked. VBulletin passwords are stored in an encrypted database however and typically reported as secure.
While it is technically impossible to conclusively assess the scope of the security breach the good news is discoverXS took immediate action to rectify the breach and notify our community members publicly and forced new passwords for everyone. We value our community and always strive to offer a safe environment.
This is also the reason XS does not cross-platform any community profile to our store data. It's also why XS does not store or otherwise access any payment methods. That's all done through PayPal, our merchant services. The only thing we ever see is a unique transaction code.
To reemphasize it does look as bad people got a hold of some email addresses from the forum which could contribute to a rise in SPAM (which some have reported). As a precaution, we forced members to change their discoverXS passwords when logging in.
It is always good practice to use a randomized password that you change relatively often for each site you visit. Most browsers offer this service as default.
XSteveO
Categories
Collapse
Latest Articles
Collapse
-
by XSteveODear friends and fellow community members,
It is with regret, that I inform you of a breach that's affected our community forum. I reported publicly (Security Notice) of a potential VB5 vulnerability that allowed the malicious injection of a zero-day exploit. This exploit was detected and quickly corrected, but unfortunately, it does now appear some emails and subsequent passwords were leaked. VBulletin passwords are stored in an encrypted database however and typically reported as...-
Channel: Community Forum Stuff
05-13-2021, 09:03 AM -
-
by XSteveOWe will be upgrading the forum next week fixing a lot of the bugs we have. If anybody has a suggestion as to what you'd like to see or be able to do, let us know here, please.
In the meantime here are some changes I am adding
Dark Mode
Fix Nav Bar
Posts taking forever to post
Inline Quote not working correctly
Search Function Mod (better search functionality)
Custom Avatars (You will be able to choose what you want
Chat Function like the store...-
Channel: Community Forum Stuff
10-09-2020, 10:29 AM -
-
by XSteveOOur DiscoverXS Community Forum experienced a breach, which we took immediate steps to correct. While we are still investigating, it does not appear any data was leaked. If we determine otherwise I will notify you accordingly.
What Happened?
On August 12, 2020 our mod security program running on our servers identified a potential harmful upload which was immediately isolated. Out of precaution the forum was set to maintenance mode making it unavailable to access. We have taken...-
Channel: Community Forum Stuff
08-13-2020, 02:38 PM -
-
by XSteveOA couple new features we've installed to enhance the user experience.
...-
Channel: Community Forum Stuff
10-18-2019, 11:03 AM -
-
by XSteveODear Community Members,
End of September 2019 a security vulnerability was detected for VBulletin 5 (VB5) that would allow hackers to inject bad-stuff into a community forum such as ours. The hack, a zero-day vulnerability, allows the hacker to gain control over the server the forum is on. As such, patches have been issued and already installed on our discoverXS community forum.
All of the Aser Gruppe servers and websites use a series of security measures that monitor,...-
Channel: Community Forum Stuff
10-14-2019, 02:30 PM -
-
by XSteveOWe upgraded the forum last night again and now are having some issues with firefox. Seems like other browsers are working. I know Chrome, IOS and Safari are working. Can someone check Opera and heavens forbid windows? Any others you might use too
-
Channel: Community Forum Stuff
10-14-2019, 11:08 AM -