back to article Stack Overflow 2019 hack was guided by advice from none other than... Stack Overflow

Developer site Stack Overflow has published details of a breach dating back to May 2019, finding evidence that an intruder in its systems made extensive use of Stack Overflow itself to determine how to make the next move. At the time, the company reported that an unauthorised person had logged into its development system and …

  1. richardcox13
    Boffin

    "One does not simple break into Stack Overflow without constantly looking up how to do so on Stack Overflow"

    Recursive attack!

  2. LDS Silver badge

    "It also moved build and source control systems behind the firewall"

    Still many are trying exactly to do the opposite... moving everything to some cloud based build system.

  3. Howard Sway

    finding evidence that an intruder in its systems made extensive use of Stack Overflow itself

    Was the evidence a post on the site saying "Need to perform hack on insecure website with naively thought out architecture. Please advise complete solution"?

  4. MrReynolds2U

    I remember when SSAD was new

    "Although this goes against the trend for continuous integration"

    Need I say more about the semi-latest marketing term for modern SAD principles?

  5. Kevin McMurtrie Silver badge
    Pirate

    Need some news clippings, string, and pins like in Hollywood movies

    Is this the starting point of the SolarWinds hack or did SolarWinds need no help?

  6. Fazal Majid

    Second time TeamCity is mentioned in a major breach

    Nowhere near as severe as the SolarWinds fiasco, but surely something must be wrong with a critical product that’s seemingly so hard to secure.

    1. ortunk

      Re: Second time TeamCity is mentioned in a major breach

      Many idiots running systems using stacko... and linux for dummies these days.

      that is the real problem.

  7. Robert Grant Silver badge

    The community noticed a new user with broad privileges and reported it, at which point the Stack Overflow security team took more drastic steps, taking Team City offline and removing privileges and credentials.

    SO's community engagement team then banned several members of the community who reported the breach, calling their behaviour "unwelcoming of a new user."

  8. FlamingDeath Silver badge

    Why am I not surprised

    That the point of entry was a development server

    Do they teach devs about security in dev school?

    No?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021