Jump to content

MS-adm

Former ESET Employees
  • Posts

    77
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by MS-adm

  1. Hello,

     

    we have been informed by our third-party forum provider that user login details of ESET Security Forum members have been compromised. At this time we have confirmed that login data (user name/email and hashed forum passwords) have been accessed. We have requested details about the incident from our provider and have launched a full-scale investigation with them. ESET Security Forum has around 2,700 registered users and the only information stored are login details: no financial or other sensitive data are affected. ESET-operated infrastructure and ESET software users were not affected in any way by this incident.

     

    We recommend that all ESET Security Forum users change their passwords. Having different passwords for different services is a good practice: if you used your ESET Security Forum password for other services, we recommend that you also change those passwords immediately too. Some useful tips on how to create strong passwords can be found at ESET WeLiveSecurity website: hxxp://www.welivesecurity.com/2013/07/17/how-to-create-strong-passwords-without-driving-yourself-mad/

     

    To change your email and/or password:

    Click your name at the top right of the window

    Click My Settings

    In the menu on the left, click Email & Password

    Enter your new email and/or password

     

    We apologize for any inconvenience.

     

    ESET Security Forum

  2. Some users are still experiencing broken certificate errors via SSL login.

    Is there some TBA when this is going to be fixed ?

    Those seeing the broken SSL certificates would be those using IE 8 under Windows XP.

    hxxp://www.wilderssecurity.com/showthread.php?t=348962

     

    Hello, this is because Windows XP does not support Server Name Indication. More details here: hxxp://en.wikipedia.org/wiki/Server_Name_Indication#Client_side

    Unfortunately, there's no easy workaround for this on our side.

  3. Hello,

     

    To make your stay on ESET Security Forum safer, we have decided to implement SSL on forum.eset.com. The SSL will be implemented at the end of this week. All http requests to forum.eset.com will be automatically switched to https so there’s no need to change existing links.

     

    In the first phase we will implement SSL to the entire website. This will bring two restrictions to the forum functionality:

    • Videos cannot be embedded directly to posts.
    • Images cannot be inserted from an external URL.

    In the second phase (in the course of the following months), after some testing and environment configuration, we'll remove SSL and keep it only for the login/registration step. This will make both restricted functionalities available again while still keeping the sensitive data secure.

     

    Thank you,
    ESET Security Forum
     

×
×
  • Create New...