Cluttermagnet Posted August 6, 2014 Share Posted August 6, 2014 (edited) You are going to be hearing a lot about this. I did a search and read up about this exploit. The site below attracted me in particular because its coverage is different than a lot of the other security news outlets: http://www.networkwo...-and-email.html I need to get serious about updating passwords... BTW the search term I used on startpage.com was "security breach russian hackers" “I guess we should feel grateful that the hackers don't appear to be interested in exploiting the stolen information (and don't appear to be serious about selling it onto others)," Graham Cluley told SCMagazineUK.com. “But I am disappointed that CNET hasn't (so far at least) informed registered users of the security breach. Even if the passwords aren't cracked, there is other personal information in there which could potentially be exploited by cyber criminals.” Edited August 6, 2014 by Cluttermagnet Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 6, 2014 Share Posted August 6, 2014 Changed mine right away. Quote Link to comment Share on other sites More sharing options...
ross549 Posted August 6, 2014 Share Posted August 6, 2014 Note: this only applies if you have a CNET account...... Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 6, 2014 Share Posted August 6, 2014 Right... Quote Link to comment Share on other sites More sharing options...
Cluttermagnet Posted August 7, 2014 Author Share Posted August 7, 2014 Yes I knew that- My point was that the Russian hackers are quoted as tipping off security themselves, chiding security, even taunting security- but apparently they have not used this wealth of exploitable info- and they could have. My point was that this was a different sort of account of that exploit that none of the other sources I read covered. I found that interesting, FWIW... Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 7, 2014 Share Posted August 7, 2014 True ... and here is something completely different....but similar...this one is about Hold Security and Russian cyber gang "CyberVor". Security firm that revealed “billion password” breach demands $120 before it will say if you’re a victim - GrahamCluley.com Quote Link to comment Share on other sites More sharing options...
zlim Posted August 7, 2014 Share Posted August 7, 2014 Now all these stories come out about using a really strong password. It doesn't matter how strong a password is, if the site gets hacked, your password is toast! I think the news outlets should concentrate more on telling people to use a different password for every site. Note: I'm not saying not to use a strong password BUT the headline should read Use a Different Password for Every Site. Then go into detail about strong passwords and password managers. People think if they have a strong password, then it's okay to use that password everywhere. :'( 1 Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 7, 2014 Share Posted August 7, 2014 They actually are doing that. Strong passwords are still very important, but using different passwords for every site is something that all security folks have been stressing for a long time. And to make that easier, using a password manager with a strong master password. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 8, 2014 Share Posted August 8, 2014 Apparently those replacements are built-in to password cracking software as well as a bunch of other classic things people use. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 8, 2014 Share Posted August 8, 2014 True ... and here is something completely different....but similar...this one is about Hold Security and Russian cyber gang "CyberVor". Security firm that revealed “billion password” breach demands $120 before it will say if you’re a victim - GrahamCluley.com Debunked by security researcher: THE LIE BEHIND 1.2 BILLION STOLEN PASSWORDS - youarenotpayingattention.com More here: How Hold Security Lied about 1.2 Billion Compromised Credentials - Reddit And here as corroboration as noted in the first link: Internet data breach puts Milwaukee-area man in cyber spotlight - Journal/Sentinal/jsonline Hat tip to Adam/ross549! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.