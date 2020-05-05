Experts On News: Ghost Confirms Hack Attack – 750,000 Users Spooked By Critical Vulnerability

It has been reported that Popular open-source blogging platform with more than 2 million installs confirms it has been hacked. Although most people tend to immediately think of WordPress when asked to name a blogging platform, it certainly isn’t the only player in town. The self-proclaimed “world’s most popular modern open-source publishing platform,” Ghost, includes big-name customers such as Mozilla, NASA, and DuckDuckGo among its 750,000 registered users, according to its website. In the last week alone, Ghost users, including writers, podcasters, and video creators, set up 6,920 new publications. It was also hacked yesterday, May 3.

Martin Jartelius, CSO ,  Outpost24
May 05, 2020
Let’s all keep patching and be grateful this was abused for simple monetary gain.
It should be noted that whilst WordPress is a content manager just as Ghost, in this case neither content management system has been subject to a vulnerability, instead it is the infrastructure used by the organization behind the Ghost content manager. As the indicator of compromise were not the execution of the attack itself, but the symptoms when attackers opportunistically used the platform to ....
Tim Mackey, Principal Security Strategist,  Synopsys CyRC
May 05, 2020
This attack has two key elements to it.
Data centre patch strategies need to take into account not only the applications deployed, but also the underlying infrastructure and any firmware used within all devices powering businesses. In this case, the attackers used two vulnerabilities within the SaltStack infrastructure management software used by Ghost. This attack has two key elements to it. First, attackers are actively seeking unpatc ....
