Wouldn't disclosure in a public forum of any details of such an attack
potentially inform the attackers and would-be imitators of the success or
lack thereof of the attack, of its methods, and of detection and cleanup
methods?
On Sat, Aug 25, 2018 at 12:21 PM, Fæ wrote:
> Dear Security group of
Dear Security group of the Wikimedia Foundation,
The community has been patiently waiting for *113 days* for an
analysis to be published for the login attack of 3 May 2018.
The community has been waiting for *650 days* (that's around one year
and 10 months) for an analysis of the OurMine hack to
On Sun, May 6, 2018 at 11:24 PM Nathan wrote:
> I get hundreds of these a year (my user name, Nathan, seems to be a popular
> target). It would nice to be able to use some sort of multi-factor
> authentication, which is actually supported by OAUTH. However, it seems
> most projects (including en.
I get hundreds of these a year (my user name, Nathan, seems to be a popular
target). It would nice to be able to use some sort of multi-factor
authentication, which is actually supported by OAUTH. However, it seems
most projects (including en.wp) restrict use to accounts with elevated
rights. Can a
Thanks, John.
Fae, I suggest that we let the WMF folks who are working on this issue
extinguish the current fire before asking them to write a report about a
previous one.
I agree that the report about the previous incident is overdue. Perhaps as the
current situation becomes calmer (updated m
On 4 May 2018 at 01:27, John Bennett wrote:
> Hello,
>
> Many of you may have been receiving emails in the last 24 hours warning you
> of "Multiple failed attempts to log in" with your account. I wanted to let
> you know that the Wikimedia Foundation's Security team is aware of the
> situation, an
Hello,
Many of you may have been receiving emails in the last 24 hours warning you
of "Multiple failed attempts to log in" with your account. I wanted to let
you know that the Wikimedia Foundation's Security team is aware of the
situation, and working with others in the organization on steps to de