leak

quoted, security August 31, 2016

Dropbox was breached in 2012, the data is now online – a quote in SecurityWeek

68 Million Exposed in Old Dropbox Hack By Ionut Arghire on August 31, 2016 In an email response to a SecurityWeek inquiry, IT security expert Sorin Mustaca said that the surprising fact is that the 2012 hack of Dropbox didn’t emerge earlier, along with the other mega-breaches. He also notes that the use of the SHA1 hashing algorithm with salting improves the security of these passwords. “Fortunately, Dropbox was using the SHA 1 hashing algorithm (today this is not considered “strong” anymore) and it was using salting even in 2012 – an operation that many other services don’t do even today. Many are using legacy systems which make use of MD5 without hashing – I guess that the ‘never change a running system’ is still applied literally in many websites,” Mustaca said. To stay protected, he says, users should create unique passwords for each of the services they use, never reuse passwords, and enable two-factor authentication wherever it is available. Service providers should never store passwords in plain text or encrypted, but should use a strong hashing function with a solid salt.   For consumers: –        Create a unique password for each service you use. Read my free eBook in…

privacy, question, quoted, security, security breach June 16, 2016

Quoted in SecurityWeek.com: 45 Million Potentially Impacted by VerticalScope Hack

Source: http://www.securityweek.com/45-million-potentially-impacted-verticalscope-hack Author: Ionut Arghire, Security Week     Here is my longer comment:   LeakedSource writes on their website about a massive breach of VerticalScope.com and all its affiliated websites from February 2016. However, neither VerticalScope.com nor any of the websites mentioned in the LeakedSource page mention anything related to a hack. Even if denial of a breach is not something unseen before, after reading the Summary of the dump on LeakedSource I am starting to see here a pattern:  “Each record may contain an email address, a username, an IP address, one password and in some cases a second password”. This is exactly the same as in the Myspace breach:”Each record may contain an email address, a username, one password and in some cases a second password.” How come that two completely unrelated breaches share the dump format? Could it be that they are converted somehow into a single format before they are put on sale? The assumption regarding the VerticalScope hack is that they used some vulnerable vBulletin software. I have verified this myself and this is why I found on a couple of their websites: Doing a search on “vulnerabilities for vBulletin 3.8.7 Patch Level 3” can…

quoted, security, security breach June 9, 2016

Quoted on SecurityWeek.com over the 32,8 M Twitter accounts leaked

Source: http://www.securityweek.com/32-million-twitter-credentials-emerge-dark-web Author: Ionut Arghire, Security Week   The cybercriminal behind the claimed Twitter leak is the same hacker who was previously attempting to sell stolen data from Myspace, Tumblr and VK user accounts, namely Tessa88@exploit.im. The Twitter credentials have already made it online on paid search engine for hacked data LeakedSource, which says it received a total of 32,888,300 records, each containing user’s email address, username, possibly a second email, and a password. [..] What is yet unclear is how old the supposedly leaked data is, since LeakedSource doesn’t provide specific details on that, although they do suggest that some credentials might be only a couple of years old. Furthermore, IT Security expertSorin Mustaca tells SecurityWeek that the manner in which these credentials were stolen isn’t that clear either. “Interesting enough, Leakedsource writes that they “very strong evidence that Twitter was not hacked”, rather the users got infected with some malware which stole credentials directly from the browsers of any account, not only Twitter’s,” Mustaca says. “However, there is no clear evidence presented that this is indeed the case. Their explanation for malware stealing credentials from browser is not entirely valid.” Although malware that targets browsers to steal user…

privacy, security, security breach June 1, 2016

LinkedIn Legal : “Important information about your LinkedIn account”

Yeah, they’ve been hacked 4 years ago and now their data is everywhere … well, almost everywhere. The LinkedIn hack of 2012 is  now being sold on the dark web. It was allegedly 167 million accounts and for a mere 5 bitcoins (about US$2.2k) you could jump over to the Tor-based trading site, pay your Bitcoins and retrieve what is one of the largest data breaches ever to hit the airwaves. Until this week, when Myspace.com leak from 2013 (or 2008!) released data of over 360Mil users.   LinkedIn’s Legal wrote :   Notice of Data Breach You may have heard reports recently about a security issue involving LinkedIn. We would like to make sure you have the facts about what happened, what information was involved, and the steps we are taking to help protect you. What Happened? On May 17, 2016, we became aware that data stolen from LinkedIn in 2012 was being made available online. This was not a new security breach or hack. We took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since…

question, security, security breach June 1, 2016

I was right about the Myspace.com data: it is indeed old

You may have heard reports recently about a security incident involving Myspace. We would like to make sure you have the facts about what happened, what information was involved and the steps we are taking to protect your information. WHAT HAPPENED? Shortly before the Memorial Day weekend, we became aware that stolen Myspace user login data was being made available in an online hacker forum. The data stolen included user login data from a portion of accounts that were created prior to June 11, 2013 on the old Myspace platform. Source: https://myspace.com/pages/blog   But there is more: WHAT INFORMATION WAS INVOLVED? Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk. As you know, Myspace does not collect, use or store any credit card information or user financial information of any kind. No user financial information was therefore involved in this incident; the only information exposed was users’ email address and Myspace username and password.   Troy Hunt writes also his own analysis and not surprisingly, he thinks that the data is actually around 8 years old . Additionally, he thinks that an insider…

question, quoted, security, security breach May 31, 2016

Quoted in SecurityWeek.com on the Myspace.com leak

Ionut Arghire of SecurityWeek wrote a very good article about the potential breach of Myspace.com: 427 Million MySpace Passwords Appear For Sale and I was quoted a lot! Thanks, Ionut! I wrote more extensively about what I think of this leak: Myspace.com was apparently hacked, 360Mil accounts on sale and nobody knows any details There are many things that aren’t right with this breach. Read the article above… Another question, after reading the above article: how come that Troy Hunt didn’t get it? Maybe because it is only available for money? The data hasn’t been tested at all and according to Troy’s article it is not valid data: no sql dump Too many yahoo.com and hotmail.com email addresses   1 @yahoo.com 126,053,325 2 @hotmail.com 79,747,231 According to Troy, Gmail should be the top email provider these days (and also 3 years ago) Partial username, partial email address, partial password -> can it get worse than this?

%d bloggers like this: