 Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
May 15, 2017 10:34 AM
|
The account details of millions of subscribers to the education platform Edmodo have not only been stolen but witnessed to be for sale on the dark web, according to a post on Motherboard. The platform is used by more than 78 million teachers, students and parents to compose lesson plans, make homework assignments and other tasks.
Breach notification website LeakBase provided Motherboard with a sample of more than two million records, which included usernames, email addresses and hashed passwords.
The good news is that the passwords apparently are hashed with the stealthy bcrypt algorithm, and a string of random characters known as a salt, which likely will make it more difficult for hackers to obtain users' login credentials. And, when staffers at Motherboard attempted to open Edmodo accounts using some of the purloined data, they were unsuccessful as the address was already linked to an Edmodo account, the report explained.
The bad news is that at least a portion of the database is up for sale on the dark web marketplace Hansa for $1,000. The seller, going under the name nclay, said s/he was in possession of 77 million accounts. LeakBase reported that 40 million of those come with an email address.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES http://www.scoop.it/t/securite-pc-et-internet/?&tag=Edmodo+Insecurity
|
|
Scooped by
Gust MEES
February 16, 2017 7:34 AM
|
|
|
Scooped by
Gust MEES
January 18, 2017 3:49 AM
|
Supercell, der Spiele-Entwickler von absurd erfolgreichen Titeln wie "Clash Royale" für mobile Geräte, gesteht einen Hack seines Forums ein. Allem Anschein nach, lassen sich die abgezogenen Passwörter vergleichsweise einfach knacken. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
December 20, 2016 6:35 AM
|
|
|
Scooped by
Gust MEES
December 19, 2016 9:03 AM
|
|
|
Scooped by
Gust MEES
November 14, 2016 9:46 AM
|
Jetzt erotische Treffen, Sex oder etwas Heißes finden" - mit diesem Slogan wirbt die Sex-Kontaktbörse AdultFriendFinder (AFF). Etwas Heißes haben dort auch offenbar Unbekannte gefunden, die in das Netzwerke der Betreiberfirma FriendFinder eingedrungen sein sollen, meldet das Info-Portal "LeakedSource" . Die Daten von 412 Millionen Nutzern der verschiedenen Angebote des Unternehmens seien dabei kompromittiert worden.
Der Datensatz, der "LeakedSource" vorliegt, soll Informationen zu knapp 340 Millionen Nutzerkonten von AdultFriendFinder enthalten. Weitere 70 Millionen Datensätze werden FriendFinder-Angeboten wie Cams.com und Stripshow.com zugeordnet. Einem Bericht von "zdnet" zufolge enthalten die Datensätze E-Mail-Adressen und Passwörter, aber keine Angaben zu sexuellen Vorlieben.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
October 17, 2016 10:42 AM
|
At least 58 million people have had their personal information published on the internet – including their names, dates of birth, email and postal addresses, job titles, phone numbers, vehicle data, and IP addresses – after a hacker stole a massive unsecured database.
And, if you think that sounds bad, there may be yet more hacked data still to be exposed.
The sensitive information appears to have been exfiltrated from Modern Business Systems (MBS), a company that provides businesses with online data storage and database hosting solutions, by a hacker calling themselves 0x2Taylor on Twitter. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
September 22, 2016 4:29 PM
|
|
|
Scooped by
Gust MEES
June 24, 2016 11:50 AM
|
Security researcher Chris Vickery came across an online database, hosted on a Google Cloud server, containing 154 million US voter records.
It emerged that the poorly-secured database belonged to an unnamed client of data brokerage firm L2. The client has blamed hackers for leaving the database accessible from the outside world, without even the simplest password. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
June 21, 2016 7:05 PM
|
|
|
Scooped by
Gust MEES
May 31, 2016 9:38 AM
|
MySpace’s turn
Well, it’s happened again.
This time, the breach is said to come from MySpace, and the number of passwords claimed is an eye-popping 427 million.
Apparently, there are only 360 million users on the list, but some accounts have more than one password listed, for reasons that aren’t explained.
Once again, the passwords allegedly exposed in this breach were simple, unsalted SHA-1 hashes, vulnerable to just the same sort of high-speed try ’em all attack as in the LinkedIn breach of 2012.
According to Leaked Source, lots of passwords have already been cracked, with the top 50 choices so far accounting for more than 6 million passwords, or 1.5% of the total. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
April 6, 2016 5:42 PM
|
Turkey is investigating how hackers have posted online the identity data of some 50 million Turks, including what they said were details about the president and prime minister, after what is believed to be the biggest data breach seen in the country.
While no group has taken credit for uploading the data to a website called the Turkish Citizenship Database, the comments posted suggest Turkey may be a target of political hackers.
The 1.5 gigabyte compressed file contains the national identity number, date of birth and full address for 49.6 million Turks, according to the website, or around two thirds of the population.
The website said it included the ID information of President Tayyip Erdogan, Prime Minister Ahmet Davutoglu and former president Abdullah Gul and taunted the president.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
April 6, 2016 5:32 AM
|
|
|
|
Scooped by
Gust MEES
February 28, 2017 4:08 PM
|
|
|
Scooped by
Gust MEES
January 18, 2017 5:32 AM
|
Das in Israel ansässige Unternehmen bietet Hacking-Software für Mobiltelefone an. Es hat den erfolgreichen Hackerangriff inzwischen bestätigt. Laut Motherboard fielen den Angreifern 900 GByte mit Kundendaten, Datenbanken und umfangreiche Informationen zur Technik der Cellebrite-Produkte in die Hände. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
January 4, 2017 2:38 PM
|
|
|
Scooped by
Gust MEES
December 20, 2016 6:24 AM
|
|
|
Scooped by
Gust MEES
November 14, 2016 10:45 AM
|
Hundreds of millions of users put at risk after AdultFriendFinder and other sites suffer hack. What has happened? The AdultFriendFinder website appears to have been hacked, exposing the personal information of hundreds of millions of user accounts. What is AdultFriendFinder? I don’t want to be indelicate, so I’ll just tell you it’s strapline: “Hookup, Find Sex or Meet Someone Hot Now”. Oh! So like Ashley Madison? Yes, very much so. And we all know what a big story that was, how extortionists attempted to blackmail users, and how lives were damaged as a result. Fortunately, information about individuals’ sexual preferences do not appear to have been included in the exposed databases. Still, it sounds nasty – and there clearly remains the potential for blackmail. Are there any .gov and .mil email addresses associated with the exposed accounts in this latest breach? I’m afraid so. Of the 412 million accounts exposed on the breached sites, in 5,650 cases, .gov email addresses have been used to register accounts. The same goes for 78,301 .mil email addresses. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
October 21, 2016 9:27 AM
|
The web design platform Weebly was hacked in February, according to the data breach notification site LeakedSource. Usernames and passwords for more than 43 million accounts were taken in the breach, although the passwords are secured with the strong hashing algorithm bcrypt.
Weebly said in an email to customers that user IP addresses were also taken in the breach.
“We do not believe that any customer website has been improperly accessed,” Weebly said in the notice to users.” The company also said that it does not store credit card information, making fraudulent charges unlikely.
LeakedSource said it received the Weebly database from an anonymous source and notified Weebly of the breach. In addition to the customer notification emails, LeakedSource claims that password resets are being issued — but, if you’re a Weebly user and you don’t receive a password reset, you probably want to change your password anyway. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
October 1, 2016 4:28 AM
|
|
|
Scooped by
Gust MEES
September 22, 2016 11:01 AM
|
|
|
Scooped by
Gust MEES
June 23, 2016 4:21 PM
|
A database with 154 million US voter registration records has been leaking information on a dizzying array of intimate details, including gun ownership, Facebook profiles, address, age, position on gay marriage, ethnicity, email addresses and whether a voter is “pro-life.”
MacKeeper security researcher Chris Vickery found the instance of a CouchDB database wide open, configured as it was for public access with no username, password, or other authentication required.
As Vickery said in a post, he tracked down and notified the company that was the source of the database. It was shut down within 3 hours.
On Tuesday, Vickery reached out to the company – a data brokerage firm named L2 – to report his theory: that one of its clients had purchased data from L2 and was hosting it in an insecure manner.
L2 said that yes, that was the case. He and L2 CEO Bruce Willsie tracked down the client, and the database was taken offline within 3 hours. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
June 14, 2016 6:45 PM
|
|
|
Scooped by
Gust MEES
April 27, 2016 5:31 PM
|
Over seven million members of the independent Minecraft “Lifeboat” community have had their security and privacy put at risk after hackers breached servers and stole usernames, email addresses and MD5-hashed passwords.7 million Minecraft Pocket Edition players put at risk after Lifeboat hack
Over seven million members of the independent Minecraft “Lifeboat” community have had their security and privacy put at risk after hackers breached servers and stole usernames, email addresses and MD5-hashed passwords.
It’s important to note that only players of the smartphone edition of Minecraft were affected, and even then only if they were members of the independent “Lifeboat” community, which runs a variety of servers offering free-to-play multi-player games on the Minecraft platform.
All the same, Lifeboat has over seven million users. And unsalted MD5 hashes are a notoriously weak way to secure passwords, making it trivial for criminals to crack. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
|
Scooped by
Gust MEES
April 6, 2016 5:28 PM
|
Die digitale Türkei wiegt gerade mal 6,6 GB – so groß sind die unkomprimierten Daten von 49.611.709 türkischen Bürgern im Klartext, die gestern Abend veröffentlicht worden sind. Die Daten beinhalten außer den jeweiligen Namen im Klartext und der Adresse die eindeutige Indentifizierungsnummer, die nationale Nummer, üblich in der Türkei, den Geburtsort, das Geburtsdatum sowie die Namen der Eltern. Als Beispiel haben die Hacker die Daten des türkischen Präsidenten Recep Erdogan, des türkischen Ministerpräsidenten Ahmet Davutoglu und des ehemaligen Präsidenten Abdulla Gul veröffentlicht. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
The platform is used by more than 78 million teachers, students and parents to compose lesson plans, make homework assignments and other tasks.
Breach notification website LeakBase provided Motherboard with a sample of more than two million records, which included usernames, email addresses and hashed passwords.
The good news is that the passwords apparently are hashed with the stealthy bcrypt algorithm, and a string of random characters known as a salt, which likely will make it more difficult for hackers to obtain users' login credentials. And, when staffers at Motherboard attempted to open Edmodo accounts using some of the purloined data, they were unsuccessful as the address was already linked to an Edmodo account, the report explained.
The bad news is that at least a portion of the database is up for sale on the dark web marketplace Hansa for $1,000. The seller, going under the name nclay, said s/he was in possession of 77 million accounts. LeakBase reported that 40 million of those come with an email address.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
http://www.scoop.it/t/securite-pc-et-internet/?&tag=Edmodo+Insecurity