The "Oh hey look who got hacked today" thread!

[Melena]

Until three years ago, we were stuck having to use Windows XP due to our Coroner's office using a web based program that would not run in anything higher than IE 6.0. We still can't even have Java auto update due to another division's reliance on a program that breaks if you use Java 7 or higher.

[Meresgi]

Until three years ago, we were stuck having to use Windows XP due to our Coroner's office using a web based program that would not run in anything higher than IE 6.0. We still can't even have Java auto update due to another division's reliance on a program that breaks if you use Java 7 or higher.

I feel your pain. I manage an English program used by the college that was developed for fucking Windows 95. It uses .dll files that Microsoft doesn't even use anymore, and when updates roll around for our Windows 7 systems, the update deletes said all of those .dll files and breaks the program.... not to mention 50% of the program is broken just by using windows 7...

OMG BG IS HARVESTING OUR DATA

[Melena]

I feel your pain. I manage an English program used by the college that was developed for fucking Windows 95. It uses .dll files that Microsoft doesn't even use anymore, and when updates roll around for our Windows 7 systems, the update deletes said all of those .dll files and breaks the program.... not to mention 50% of the program is broken just by using windows 7...



OMG BG IS HARVESTING OUR DATA

Yea, our terminal emulation software is another bane we have. Shit was designed to run in win 2k/xp environment and we are using that shit in windows 7. After installing it we have to run a batch file to re-register dll files that allow desktop internet shortcuts to work again. Attachmate came out to demo a web based version of it and was shocked we actually bubblegum and ducttaped their old product together enough to make it work.

[Ksandra]

I use firefox. Hubby is always trying to get me to switch to Chrome, though. I hate change.

[Waraji]

Switched entirely to Chrome on my last re-install. Brought over all my bookmarks. It's worked out pretty nicely.

[Meresgi]

Chrome is my preferred. Firefox/Iceweasel for using tools/addons though since there are just so many more for hacking.

[notorious bum]

I use both; chrome for my lame business needs of using google mail/docs, and Firefox for personal. I also use both to quickly search with bing on FF and google on chrome for different results(bing's image/video results mainly).

[Twilight Sky]

Speaking of this.. I liked going to Target since it down the street, but after they got breached, I had to stop going there :/

[Waraji]

Speaking of this.. I liked going to Target since it down the street, but after they got breached, I had to stop going there :/

There's this separate way of paying which won't leave a footprint, I think they call it cash?

[Meresgi]

Speaking of this.. I liked going to Target since it down the street, but after they got breached, I had to stop going there :/

Chances are 90% of the mom and pop places you go to or anything less then a fortune 500 probably is hacked almost monthly in some way. Firsthand account:

I worked with a clothing company out of Georgetown, very high class. Clothes were crazy over priced...they used unsecured windows xp machines, also used their SERVER as a desktop, and disabled the firewall and AV on it because "it didnt let me use the chat programs"...those programs be all sorts of spyware available at CNET and other spots... I was amazed they fucking didn't have Kazaa fucking installed...

[Uzor]

Chances are 90% of the mom and pop places you go to or anything less then a fortune 500 probably is hacked almost monthly in some way. Firsthand account:

I worked with a clothing company out of Georgetown, very high class. Clothes were crazy over priced...they used unsecured windows xp machines, also used their SERVER as a desktop, and disabled the firewall and AV on it because "it didnt let me use the chat programs"...those programs be all sorts of spyware available at CNET and other spots... I was amazed they fucking didn't have Kazaa fucking installed...

W...T...F. That's insane. I'd never trust a company like that.

[6souls]

Michaels... again

Michaels Stores Inc, the biggest U.S. arts and crafts retailer, on Thursday confirmed that there was a security breach at certain systems that process payment cards at its U.S. stores and that of its unit, Aaron Brothers.

The company said in January that it was working with federal law enforcement officials to investigate a possible data breach.

Michaels Stores said the breach, which took place between May 8, 2013 and January 27, 2014, may have affected about 2.6 million cards, or about 7 percent of payment cards used at its stores during the period.

The company said about 400,000 cards were potentially impacted at its Aaron Brothers unit by the breach, which occurred between June 26, 2013 and February 27, 2014.

There was no evidence that data such as customers' name or personal identification number were at risk, Michaels Stores said in a statement.

This is the second known data breach since 2011 at Michaels Stores.

Michaels Stores, whose major investors are Blackstone Group LP and Bain Capital LP, said cyber security firms it hired found that malware not encountered previously had been used in the latest attack.

The company said it was working with law enforcement authorities, banks and payment processors, and that the malware no longer presents a threat.

Michaels Stores, which resubmitted its IPO documents late last month following a restructuring, is the latest U.S. retailer whose systems have been breached.

Last year, the No.3 U.S. retailer Target Corp suffered a massive security breach that resulted in the theft of some 70 million customer records.

Reuters reported in January that smaller breaches on at least three other well-known U.S. retailers took place and were conducted using similar techniques as the one on Target.

U.S. retailers are planning to form an industry group for collecting and sharing intelligence in a bid to prevent future attacks.

Michaels Stores, which owns several private brands such as Recollections, Artist's Loft and Loops & Threads, competes with Hooby Lobby Stores Inc, Jo-Ann Stores Inc and Wal-Mart Stores Inc.

http://www.reuters.com/article/2014/...A3G27N20140417

[notorious bum]

Forming an industry group of finger-pointing, is the most likely end-product lol

[Meresgi]

http://www.pcworld.com/article/21483...ing-a-fix.html

On Saturday, Microsoft announced that Internet Explorer versions 6 through 11 were at risk for so-called drive-by attacks from malicious websites. Windows XP is capable of running Internet Explorer 6, 7, and 8.

This new remote code execution vulnerability, dubbed CVE-2014-1776, has the potential to give hackers the same user rights as the current user. That means a successful attacker who infects a PC running as administrator would have a wide variety of attack open to them such as installing more malware on the system, creating new user accounts, and changing or deleting data stored on the target PC. Most Windows users run their PCs under an administrator account.

These attacks aren't theoretical, either—security firm FireEye discovered these attacks being actively used in the wild. For these attacks to work, however, a user would have to visit a malicious website attempting to install the code. Microsoft says attacks could also come from "websites that accept or host user-provided content or advertisements" where an attacker could insert malicious code.

Spoiler: STOP USING FUCKING INTERNET EXPLORER

[6souls]

AOL - 120 million account's data stolen

Hackers stole "a significant number" of email addresses, passwords, contact lists, postal addresses and answers to security questions, the company said in a blog post Monday. Anyone of the company's 120 million account holders might be affected. Judging by AOL's description of the incident, that total number could well be in the tens of millions. But AOL isn't giving any details about the incident for now.

Non-AOL users: Watch out for spam that looks like it came from you or your friends' AOL accounts.

It's a double whammy that's shows just how annoying hackers can be when they loot our contact lists.

Hackers are doing something called email spoofing, and it's making it seem as if long-discarded AOL email accounts are back and sending spam. Emails appear to come from your friend's email address because the "From:" field shows their email address. But this spam is actually coming from someone else. Hooligans know who to send spam to because they have your contact list.

Although the massive hack likely affected untold millions, AOL estimates only 2% of its email accounts are being spoofed so far. So far, AOL has only been able to redirect these spoofed emails into people's junk mail folders.

The situation leaves folks like Mindy Sopher of Raleigh, N.C., feeling hopeless. Two weeks ago, she was approached by a few coworkers at the North Carolina State University who said she was spamming them from an AOL account she hadn't used in years. Curious, she logged in and realized her account wasn't sending anything. The situation soon grew worse. This was the account she used to teach her public speaking class seven years ago -- and her old students were now receiving a flood of one-line emails with questionable links to websites based in Russia and Thailand.

Sopher is overcome by embarrassment and the fear that an unsuspecting ex-student will think the emails are actually from her.

"It's disheartening," she said. "I would hate for something to go off on their computer because of me."

AOL is now asking that all users -- current and former -- change their credentials. It won't stop spoofing, but it'll limit any spillover damage from the larger data breach. Anyone who receives suspicious email is directed to forward the message to [email protected].

There's little else you can do, but you can tell if your account has been targeted, said Gary Davis at antivirus maker McAfee. If you're getting "mailer daemon" error messages for emails you never sent, and they're not in your email outbox? You're being spoofed.

http://money.cnn.com/2014/04/29/tech...html?hpt=hp_t3
http://blog.aol.com/2014/04/28/aol-security-update/

[Meresgi]

Like the IE shit, I saw the thing on AOL and went "Who the fuck still uses this?"

[Kryssan]

Like the IE shit, I saw the thing on AOL and went "Who the fuck still uses this?"

Dude, AOL was my start to the internets and pretty much the only chat medium I still use ( XMPP to AOL bridge or AIM's webclient ). I totally still have the account I used back then for dialup. Mainly as a "Oh hey you want my email here you go" account, but nostalgia would never let it go anyway. According to AOL nowadays the account was created on 12/31/00 but it's definitely older than that.

[hey]

Do i need to be worried about my aol account from 15+ years ago?

[RKenshin]

I still had an AOL account from the old days, which I recieved 2-3 phishing e-mails 'from' last week at my main e-mail address (along with a bunch of old contacts of the AOL account). It became my spam e-mail for anything unimportant, though it's mostly unused... but this is still annoying.

[AoE]

What I always despised about AOL is that closing your account was always more tedious than it needed to be. I realized my AOL email was sending spam years ago because some of it got sent to another account. Deleting my contacts stopped it but I woulda rather have just got rid of my account. I think you have to call them or something although that could've changed.