+ Reply to Thread
Page 7 of 34 FirstFirst ... 5 6 7 8 9 17 ... LastLast
Results 121 to 140 of 662
  1. #121

    Fuck raptr, I hate that program.

  2. #122
    Who's driving? Oh my God Bear is driving! How can that be??
    Join Date
    Sep 2008
    Posts
    5,783
    BG Level
    8
    FFXI Server
    Lakshmi

    Health Insurance company Anthem/Blue Cross got hacked with up to 80 million customers affected

    http://www.latimes.com/business/la-f...204-story.html

  3. #123

    Hackers Steal Up To $1 Billion From Banks
    http://www.huffingtonpost.com/2015/0...n_6688268.html
    The hackers have been active since at least the end of 2013 and infiltrated more than 100 banks in 30 countries, according to Russian security company Kaspersky Lab.

    After gaining access to banks' computers through phishing schemes and other methods, they lurk for months to learn the banks' systems, taking screen shots and even video of employees using their computers, the company says.

    Once the hackers become familiar with the banks' operations, they use that knowledge to steal money without raising suspicions, programming ATMs to dispense money at specific times or setting up fake accounts and transferring money into them, according to Kaspersky.
    No info on which banks got hit, your info is safe guyz np

  4. #124
    BG Content
    Join Date
    Oct 2005
    Posts
    62,818
    BG Level
    10
    FFXIV Character
    Six Souls
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl
    WoW Realm
    Malorne
    Blog Entries
    9

    Lenovo confirms that they preloaded Adware on their Laptops between Sept & Dec 2014
    Superfish was previously included on some consumer notebook products shipped in a short window between September and December to help customers potentially discover interesting products while shopping. However, user feedback was not positive, and we responded quickly and decisively:

    Superfish has completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active. This disables Superfish for all products in market.
    Lenovo stopped preloading the software in January.
    We will not preload this software in the future.
    We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns. But we know that users reacted to this issue with concern, and so we have taken direct action to stop shipping any products with this software. We will continue to review what we do and how we do it in order to ensure we put our user needs, experience and priorities first.

    To be clear, Superfish technology is purely based on contextual/image and not behavioral. It does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. Users are given a choice whether or not to use the product. The relationship with Superfish is not financially significant; our goal was to enhance the experience for users. We recognize that the software did not meet that goal and have acted quickly and decisively.

    We are providing support on our forums for any user with concerns. Our goal is to find technologies that best serve users. In this case, we have responded quickly to negative feedback, and taken decisive actions to ensure that we address these concerns. If users still wish to take further action, detailed information is available at http://forums.lenovo.com.
    Rob Graham, CEO of security firm Errata Security, cracks the cryptographic key shortly after the news broke
    Wrote a detailed explanation on how to do it

    http://blog.erratasec.com/2015/02/ex...l#.VOaNg_nF98F

    Lenovo CTO, Peter Hortensius, promises their IT Dept is developing a way to remove the adware, no timetable currently
    http://blogs.wsj.com/digits/2015/02/...pp-off-of-pcs/

    ArsTechnica has provided an explanation on how to remove the program now instead of waiting for Lenovo to eventually do it
    http://arstechnica.com/security/2015...esnt-tell-you/

    So as to what this actually is, it's a Man-in-the-Middle Malware that intercepts encrypted HTTPS certificates and spoofs them to make websites think they are real. For example, a user went to bankofamerica.com and instead of VeriSign issuing a certificate, Superfish snatched it and issued it themselves making BoA thinking it is authentic. What makes this worse is that the original programmers wrote the code that all versions to contain the same cryptographic key. That means once it's cracked, hackers could control the program on all machines that have it installed.




    Here is a little plainer English explanation provided by Ars;

    The critical threat is present on Lenovo PCs that have adware from a company called Superfish installed. As unsavory as many people find software that injects ads into Web pages, there's something much more nefarious about the Superfish package. It installs a self-signed root HTTPS certificate that can intercept encrypted traffic for every website a user visits. When a user visits an HTTPS site, the site certificate is signed and controlled by Superfish and falsely represents itself as the official website certificate.

    Even worse, the private encryption key accompanying the Superfish-signed Transport Layer Security certificate appears to be the same for every Lenovo machine. Attackers may be able to use the key to certify imposter HTTPS websites that masquerade as Bank of America, Google, or any other secure destination on the Internet. Under such a scenario, PCs that have the Superfish root certificate installed will fail to flag the sites as forgeries—a failure that completely undermines the reason HTTPS protections exist in the first place.
    http://arstechnica.com/security/2015...s-connections/

  5. #125
    True skill only comes from macro switching all your e-peen gear thru 10 pages
    Join Date
    Sep 2007
    Posts
    5,039
    BG Level
    8
    FFXI Server
    Quetzalcoatl

    How US and UK spies hacked into world's largest maker of SIM cards and stole encryption keys

    AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

    The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.

    The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania.

    In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”

    With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt...
    https://firstlook.org/theintercept/2...eat-sim-heist/

  6. #126
    Chram
    Join Date
    Jul 2005
    Posts
    2,582
    BG Level
    7
    FFXIV Character
    Deejay Zombie
    FFXIV Server
    Excalibur

    http://www.engadget.com/2015/03/11/m...ecurity-flaws/

    Anyone seen this yet? Saw it this morning on another site. From what i read its a vulnerability in rsa encryption, primarily gathering peoples credit card numbers on shopping websites.

  7. #127
    Member since 2006 and still can't think of a title.
    Join Date
    Oct 2006
    Posts
    25,287
    BG Level
    10
    FFXIV Character
    Acanis Lindri
    FFXIV Server
    Midgardsormr
    FFXI Server
    Bismarck
    WoW Realm
    Kil'jaeden

    Not so much a hacking, but Panda Security released an update that would essentially make your computer self immolate.

    http://www.engadget.com/2015/03/12/p...had-a-bad-day/

  8. #128

    Quote Originally Posted by djzombie View Post
    http://www.engadget.com/2015/03/11/m...ecurity-flaws/

    Anyone seen this yet? Saw it this morning on another site. From what i read its a vulnerability in rsa encryption, primarily gathering peoples credit card numbers on shopping websites.
    Yeah this is kind of old, and I think it had a different name at first. But not nearly as catchy as FREAK.

  9. #129
    BG Content
    Join Date
    Oct 2005
    Posts
    62,818
    BG Level
    10
    FFXIV Character
    Six Souls
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl
    WoW Realm
    Malorne
    Blog Entries
    9

    Twitch, unauthorized access detected, all accounts need a new password and have been unlinked from Twitter and YouTube

    http://blog.twitch.tv/2015/03/import...witch-account/

  10. #130
    BG Content
    Join Date
    Oct 2005
    Posts
    62,818
    BG Level
    10
    FFXIV Character
    Six Souls
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl
    WoW Realm
    Malorne
    Blog Entries
    9

    Quote Originally Posted by 6souls View Post
    Twitch, unauthorized access detected, all accounts need a new password and have been unlinked from Twitter and YouTube

    http://blog.twitch.tv/2015/03/import...witch-account/
    Fun fact, after the breach was announced, users who reset their password were forced to use passwords with a 20 character minimum, but after a huge wave of complaints, they brought it back down to 8 minimum.

    http://www.hotforsecurity.com/blog/p...ong-11599.html

  11. #131

    8 char passwerds r hard....The internet bar is set low, but fuckin come on Twitch.

    I feel as if my 12-13 password scheme is just "getting the job done" and even though all my passwords are unique, it's an obvious pattern(with exception to my banking) and wouldn't take long for my of my accounts to be figured out (not that I have much of value anyway).

    fwiw: my password is based on a CAP@passphrase## system where the caps are the abbreviation of the site I'm on.

  12. #132
    RNGesus
    Sweaty Dick Punching Enthusiast

    Join Date
    Jan 2005
    Posts
    38,156
    BG Level
    10
    FFXIV Character
    Lenette Valkyr
    FFXIV Server
    Gilgamesh

    It wouldn't let me use 8 character but it also didn't force me to use 20. 14 worked

  13. #133

    Quote Originally Posted by notorious bum View Post
    8 char passwerds r hard....The internet bar is set low, but fuckin come on Twitch.

    I feel as if my 12-13 password scheme is just "getting the job done" and even though all my passwords are unique, it's an obvious pattern(with exception to my banking) and wouldn't take long for my of my accounts to be figured out (not that I have much of value anyway).

    fwiw: my password is based on a CAP@passphrase## system where the caps are the abbreviation of the site I'm on.
    Ha, I used to do pretty much the exact same thing, but like you worried about it being too easy. I ended up adding in a numerical aspect (also unique to the website), making it more difficult to find a pattern.

    Not that I worry much about the risk or am paranoid about it, but it's worth the minimal extra effort to me and it's easy enough to remember. I've got a solid set of 15-20 passwords to the important stuff, all ~20 characters long, unique, and easy to remember.

  14. #134
    The Fucking Voice of Actually
    Join Date
    Nov 2007
    Posts
    10,276
    BG Level
    9
    FFXIV Character
    Cantih Hacos
    FFXIV Server
    Gilgamesh
    FFXI Server
    Bahamut
    Blog Entries
    6

    Quote Originally Posted by notorious bum View Post
    and wouldn't take long for my of my accounts to be figured out
    And you... just made it easier...

  15. #135

    If someone is that determined to personally target any of my accounts, I'll give them a cookie for solving the riddle lol From what I understand, my password length/diversity is safe from most common password hacks.

  16. #136

    Symantec's website, an antivirus company, will not let you use more then 12 characters, it has to be between 6 and 12....and they don't require special characters or numbers. I made a bogus account and used "password" as the password and it went through...i'm so glad my company uses them for our AV...

    If someone is that determined to personally target any of my accounts, I'll give them a cookie for solving the riddle lol From what I understand, my password length/diversity is safe from most common password hacks.
    Depends on passphrase strength but if it's an actual phrase that makes it a lot harder, i'm assuming 20characters-ish? That should be hella strong if you don't use a phrase someone could figure out easily just by looking around your social media links and shit

  17. #137

    Yeah, my passphrase is also swapped between websites as well, mainly due to updating decade-old passwords with the increased characters. All my important log-ins aren't repeatable. Social/gaming/misc accounts get hacked, then I will know I have a secret bff lol My old yahoo email got hacked a decade ago when I was using some 7-8 character password, but that's pretty much it. Oh, and Diablo 2 back in the day, using a similar password. Someone really wanted my lv50 medic paladin lmao

  18. #138

    Those lvl50 medics sell for a shit ton on the black market

  19. #139
    BG Content
    Join Date
    Oct 2005
    Posts
    62,818
    BG Level
    10
    FFXIV Character
    Six Souls
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl
    WoW Realm
    Malorne
    Blog Entries
    9

    IRS' Get Transcript application
    100,000+ accounts with Social Security information, when they were born, and their street addresses


    http://www.mprnews.org/story/2015/05/26/npr-irs-hack

    The IRS said that there were 200,000 attempts to access the system from February to mid-May and at least 100,000 successful breaches.

  20. #140
    Brown Recluse
    Sweaty Dick Punching Enthusiast

    Join Date
    May 2006
    Posts
    26,970
    BG Level
    10
    FFXI Server
    Unicorn

    Quote Originally Posted by TummieGaruda View Post
    Health Insurance company Anthem/Blue Cross got hacked with up to 80 million customers affected

    http://www.latimes.com/business/la-f...204-story.html
    I just got 3 letters in the mail about my(and my kids) information possibly compromised.

+ Reply to Thread
Page 7 of 34 FirstFirst ... 5 6 7 8 9 17 ... LastLast

Quick Reply Quick Reply

  • Decrease Size
    Increase Size
  • Remove Text Formatting
  • Insert Link Insert Image Insert Video
  • Wrap [QUOTE] tags around selected text
  • Insert NSFW Tag
  • Insert Spoiler Tag