Russian gang has stolen 1.2B(!) passwords: security researchers
105 replies, posted
Just gonna leave this here: [url]http://www.forbes.com/sites/kashmirhill/2014/08/05/huge-password-breach-shady-antics/[/url]
[QUOTE=l337k1ll4;45603997][IMG]http://www.gannett-cdn.com/-mm-/32088fb9b82c0b33b75564a53d42f6e9330a976c/c=224-0-3650-2575&r=x383&c=540x380/local/-/media/USATODAY/GenericImages/2014/08/05/1407279032000-491893117.jpg[/IMG]
Shit, I didn't know you needed a magnifying glass to hack computers. Now I understand. It makes perfect sense.[/QUOTE]
That's some damn 1997 Powerpoint and or Geocities stock imagery right there
[QUOTE=Robber;45629119]Just gonna leave this here: [url]http://www.forbes.com/sites/kashmirhill/2014/08/05/huge-password-breach-shady-antics/[/url][/QUOTE]
That suggests twitter passwords were leaked.
It also says they were stolen thru SQL injection.
Does this suggest twitter is vulnerable to SQL injection :v:
[QUOTE=katbug;45627138]A dictionary attack usually is a dictionary of previously used passphrases, not a literal dictionary.
This password would be basically impossible to guess, and would be considered almost literally impossible to crack if there was a number in the middle of the string.[/QUOTE]
No idea how things are now but a few years back I was reading that brute dictionaries are used when targeting someone in particular. But I guess that's not a point since if you're targeting someone you're most likely going to use all methods. Yeah a number or a symbol, hell, eve a capital letter would fuck it up but when its just a couple generic words in lowercase it's possible. Hell I'm sure many of those are in rainbowtables.
just make sure you change your email passwords, guys, so you can use forgotton password AND your steam account is safe.
[QUOTE=Lurklet;45630332]just make sure you change your email passwords, guys, so you can use forgotton password AND your steam account is safe.[/QUOTE]
No point, it says lots of the websites still have the same insecurity.
You change your password they'll just find the new one?
[QUOTE=mdeceiver79;45630352]No point, it says lots of the websites still have the same insecurity.
You change your password they'll just find the new one?[/QUOTE]
I'm lost, are you asking a rhetorical question?
[QUOTE=itisjuly;45629513]No idea how things are now but a few years back I was reading that brute dictionaries are used when targeting someone in particular. But I guess that's not a point since if you're targeting someone you're most likely going to use all methods. Yeah a number or a symbol, hell, eve a capital letter would fuck it up but when its just a couple generic words in lowercase it's possible. Hell I'm sure many of those are in rainbowtables.[/QUOTE]
if you had a lowerupperalphanumericsymbolspace rainbow table that size, it would be like 10^4 petabytes
[editline]8th August 2014[/editline]
but yeah, rainbow tables contain literally every combination of every character, so if you had a table that large you could definitely crack it fairly quickly.
It sure is sad that my tens of accounts in various sites and emails that have names and passwords like for example email called almost "passwordisbanana@gmail.com" or account called "thispasswordis123456" haven't been touched.
[QUOTE=Combine 177;45638296]It sure is sad that my tens of accounts in various sites and emails that have names and passwords like for example email called almost "passwordisbanana@gmail.com" or account called "thispasswordis123456" haven't been touched.[/QUOTE]
well, nobody's gunning for your stuff, if they tried, it would take them seconds.
Incase anyone is still reading this thread;
The entire 1.2 billion passwords thing is a scam to get consultant gigs.
[url]http://www.youarenotpayingattention.com/2014/08/08/the-lie-behind-1-2-billion-stolen-passwords/[/url]
[QUOTE=Mega1mpact;45644899]Incase anyone is still reading this thread;
The entire 1.2 billion passwords thing is a scam to get consultant gigs.
[url]http://www.youarenotpayingattention.com/2014/08/08/the-lie-behind-1-2-billion-stolen-passwords/[/url][/QUOTE]
so, what about all of the people who had false login flags and shit over the past few days
nothing happened to me, but there are plenty in the thread who claimed things happened to them
[QUOTE=Pretty Obscure;45646053]so, what about all of the people who had false login flags and shit over the past few days
nothing happened to me, but there are plenty in the thread who claimed things happened to them[/QUOTE]
Probably just bad timing, it happens to people daily but you wouldn't ever think to bring it up unless "the evil bad guys from that big news story" possibly had a hand in it, would you?
