Recent Posts

Pages: 1 2 [3] 4 5 ... 10
Web News / 773M Password ‘Megabreach’ is Years Old
« Last post by Antus67 on January 18, 2019, 01:22:22 AM »
BY:Brian Krebs

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessly dubbed it “the largest collection ever of breached data found.” But in an interview with the apparent seller, KrebsOnSecurity learned that it is not even close to the largest gathering of stolen data, and that it is at least two to three years old.

The dump, labeled “Collection #1” and approximately 87GB in size, was first detailed earlier today by Troy Hunt, who operates the HaveIBeenPwned breach notification service. Hunt said the data cache was likely “made up of many different individual data breaches from literally thousands of different sources.”

Full Article Here:
Security Alerts & Briefings / Re: Ad Blocking
« Last post by Digerati on January 17, 2019, 07:51:34 PM »
I have Chrome and use it only on occasion to verify if a site is working or not. I have Adblock Plus with it.
Security Alerts & Briefings / Re: Ad Blocking
« Last post by Corrine on January 17, 2019, 06:47:05 PM »
I haven't heard of SuperBlock but AdBlock Plus is well known and used by many.  Note:  I don't use Chrome but my preferred adblock program, uBlock Origin, is available in the Chrome Store.
Web News / Data breach compromises 773 million records, 21 million passwords
« Last post by Antus67 on January 17, 2019, 05:22:22 PM »
BY: Michael Archambault

A given aspect of digital life is learning how to deal with situations in which you data becomes compromised; this is a fact that many individuals will have to deal with after the discovery of a data breach containing more than 773 million records. Discovered by security research and owner of Have I Been Pwned, Troy Hunt, the assemblage of documents is known as Collection No. 1 after it was found publically available online.

According to Hunt, the existence of Collection No. 1 was brought to his attention after multiple individuals reached out alerting him to its presence on the cloud storage site, Mega. When available, the massive gathering of data was spread across 12,000 separate folders and left a footprint of 87GB. Even after Mega had removed the data from its servers, another one of Hunt’s contacts was able to point him to a popular hacking forum where the data was being distributed.

Full Article Here:
Security Alerts & Briefings / Re: Ad Blocking
« Last post by Antus67 on January 17, 2019, 05:16:34 PM »
I would suggest Ad Guard one of the best............ the software is a paid version but worth the money.
Security Alerts & Briefings / Ad Blocking
« Last post by ChuckRJr on January 17, 2019, 04:09:41 PM »
For some reason I added Superblock and AdBlock Plus to Chrome.  I don't remember why and I would like to remove one of them.  They seem pretty much duplicate.
I am also wondering if there is something better out there.
Meet & Greet! / Re: Welcome New Members!
« Last post by Antus67 on January 17, 2019, 01:24:14 PM »
Thank you Corrine :)  Happy to be here!!!
Web News / “Stole $24 Million But Still Can’t Keep a Friend”
« Last post by Antus67 on January 17, 2019, 01:16:29 PM »
BY: Brian Krebs

Unsettling new claims have emerged about Nicholas Truglia, a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims. The lurid details, made public in a civil lawsuit filed this week by one of his alleged victims, paints a chilling picture of a man addicted to thievery and all its trappings. The documents suggest that Truglia stole from his father and even a dead man — all the while lamenting that his fabulous new wealth brought him nothing but misery.

The unflattering profile was laid out in a series of documents tied to a lawsuit lodged by Michael Terpin, a cryptocurrency investor who co-founded the first angel investor group for bitcoin enthusiasts in 2013. Terpin alleges that crooks stole almost $24 million worth of cryptocurrency after fraudulently executing a “SIM swap” on his mobile phone account at AT&T in early 2018. Terpin also is pursuing a $200 million civil lawsuit against AT&T in connection with the theft.

Full Article Here:
Web News / Two Code Execution Flaws Patched in Drupal
« Last post by Antus67 on January 17, 2019, 01:14:15 PM »
By Eduard Kovacs on January 17, 2019

Updates released on Wednesday for Drupal 7, 8.5 and 8.6 address two potentially serious vulnerabilities that can be exploited for arbitrary code execution.

One of the flaws has been described as a weakness that allows remote execution of arbitrary PHP code. The issue is related to the phar stream wrapper built into PHP and how it handles untrusted phar:// URIs.

“Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability,” Drupal developers explained in an advisory. “This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.”

Full Article Here:
Web News / Millions of Oklahoma Gov Files Exposed by Wide-Open Server
« Last post by Antus67 on January 17, 2019, 01:11:45 PM »

Author: Lindsey O'Donnell
January 16, 2019 3:25 pm

The storage server was left open for about a week and exposed everything from sensitive FBI investigations to data related to patients with AIDS.

Millions of sensitive files on a storage server belonging to the Oklahoma Department of Securities were left exposed for a week – including credentials, internal docs and personal data stretching back decades.

Researchers at UpGuard who discovered the data leak said that the publicly accessible data totaled a whopping three terabytes. The more severe types of files exposed included documents detailing FBI investigations, Social Security numbers for ten thousand brokers, credentials for remote access to Oklahoma Department of Securities workstations – and even a list of data relating to AIDS patients, including patient names.

Full Article Here:
Pages: 1 2 [3] 4 5 ... 10