For the second time in three months, a security breach has shut down the marketing Web site used to promote the Firefox browser. Late Monday, members of the Spread Firefox community were notified that their Spreadfirefox.com site had been hit by attackers looking to exploit a bug in the TWiki collaboration software, which had been running on the server.The Mozilla Foundation does not believe that any sensitive information was compromised in the attack, but it is encouraging the approximately 100,000 Spread Firefox members to reset their passwords. “With these things it’s hard to determine the exact nature of what happened,” said Mike Schroepfer, director of engineering with the Foundation’s Mozilla Corp. subsidiary. “We don’t believe that people were successful in getting any of that personal or sensitive information, but we’re erring on the side of caution.”Spread Firefox is best known as the organization that raised more than US$200,000 to run a two-page Firefox ad in The New York Times last year. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe In July of 2005, attackers were able to gain access to the Spread Firefox server, apparently for the purpose of sending spam. That attack compromised information such as member e-mail addresses, instant messaging names, street addresses and birthdays. After the July attack, the Mozilla Foundation changed procedures to be sure that security fixes were applied to the Spread Firefox server software, but administrators overlooked the TWiki application, which was no longer being used, Schroepfer said. “This one particular piece of software was an oversight and happened to not get updated,” he said.The Mozilla team discovered the attack over the past weekend, but it appears to have been launched several weeks earlier. “The vulnerability on the TWiki software was announced on the 15th of September,” Schroepfer said. “It looked like the first few attempts happened within 12 to 36 hours of those announcements going out.” Administrators will spend the next few weeks rebuilding Spreadfirefox.com, and the site is expected to be back online around Oct. 15, according to the Mozilla Foundation.Once widely considered a more secure alternative to Microsoft’s Internet Explorer (IE) browser, Firefox has seen its reputation decline of late. Last month, security vendor Symantec Corp. reported that the Firefox browser had more confirmed security vulnerabilities than IE during the first half of 2005. Firefox countered that it ended up with a larger number of vulnerabilities — 25 as opposed to Microsoft’s 13 — because Microsoft tends to roll a number of bugs into one vulnerability report. By Robert McMillan, IDG News Service Related content opinion The changing face of cybersecurity threats in 2023 Cybersecurity has always been a cat-and-mouse game, but the mice keep getting bigger and are becoming increasingly harder to hunt. By Dipti Parmar Sep 29, 2023 8 mins Cybercrime Security brandpost Should finance organizations bank on Generative AI? Finance and banking organizations are looking at generative AI to support employees and customers across a range of text and numerically-based use cases. By Jay Limbasiya, Global AI, Analytics, & Data Management Business Development, Unstructured Data Solutions, Dell Technologies Sep 29, 2023 5 mins Artificial Intelligence brandpost Embrace the Generative AI revolution: a guide to integrating Generative AI into your operations The CTO of SAP shares his experiences and learnings to provide actionable insights on navigating the GenAI revolution. By Juergen Mueller Sep 29, 2023 4 mins Artificial Intelligence feature 10 most in-demand generative AI skills Gen AI is booming, and companies are scrambling to fill skills gaps by hiring freelancers to make the most of the technology. These are the 10 most sought-after generative AI skills on the market right now. By Sarah K. White Sep 29, 2023 8 mins Hiring Generative AI IT Skills Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe