Spyware, Viruses, & Security forum


NEWS - October 29, 2015

by Carol~ Moderator / October 29, 2015 3:06 PM PDT
13 million plaintext passwords belonging to webhost users leaked online

A security researcher has discovered a trove of more than 13 million plaintext passwords that appear to belong to users of 000Webhost, a service that says it provides reliable and high-speed webhosting for free.

The leaked data, which also includes users' names and e-mail addresses, was obtained by Troy Hunt, an Australian researcher and the operator of Have I Been Pwned?, a service that helps people figure out if their personal data has been exposed in website breaches. Hunt received the data from someone who contacted him and said it was the result of a hack five months ago on 000Webhost.

Continued: http://arstechnica.com/security/2015/10/13-million-plaintext-passwords-belonging-to-webhost-users-leaked-online/

Hackers put up for sale 13 million plaintext passwords stolen from 000webhost
Web Hosting Service 000webhost Hacked, Information of 13 Million Leaked
000webhost hacked, 13 million customers exposed
Discussion is locked
You are posting a reply to: NEWS - October 29, 2015
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - October 29, 2015
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Google to Symantec: Clean up your act or be branded unsafe
by Carol~ Moderator / October 29, 2015 3:07 PM PDT

Google has laid down the law when it comes to Symantec and how the company handles certificates -- be transparent or face the consequences.

Google is evidentially not very pleased about security firm Symantec's recent performance when it comes to issuing secure Web certificates and has outlined a list of demands to prevent the same mistakes from happening again.

In September, Symantec fired a number of employees following glaring mistakes in issuing transport layer security (TLS) certificates. The company said "employee error" caused cryptographic certificates to be issued online without the consent of either Google or Symantec, allowing attackers to impersonate Google pages protected by HTTPS.

Continued: http://www.zdnet.com/article/google-to-symantec-clean-up-your-certificates-or-be-branded-unsafe/

Related: Still fuming over HTTPS mishap, Google makes Symantec an offer it can’t refuse

Collapse -
Police Stage European Raids Against Spyware
by Carol~ Moderator / October 29, 2015 3:41 PM PDT

Authorities in five European countries said Thursday they had staged a coordinated swoop on suspected users of spy malware that gives remote access to other people's smartphones.

The illegal software in question, DroidJack, allows cybercriminals to hijack Android smartphones and snoop on data traffic, listen in on conversations, use the camera and send text messages without the owner knowing.

Prosecutors in the western city of Frankfurt confirmed Germany initiated the European crackdown, which also included raids on Tuesday in Britain, France, Belgium and Switzerland coordinated by Europol, the EU's law enforcement agency, and Eurojust, its judicial network.

Continued: http://www.securityweek.com/police-stage-european-raids-against-spyware

Police raid homes across Europe over DroidJack malware
German police stage raids against DroidJack malware users

Collapse -
Always good to read something like this.
by Dafydd Forum moderator / October 29, 2015 3:52 PM PDT

Thanks for that.

Collapse -
Sure is, Dafydd !
by Carol~ Moderator / October 29, 2015 4:10 PM PDT

Unfortunately, there isn't enough of the same sort of news to be found. Sad


Collapse -
LOL, C'mon , Really !
by itsdigger / October 29, 2015 5:02 PM PDT

Folks who think Android / Linux and the noobs that believe Ubuntu Smartphones (?)
( Really Laughing Now ) are infallible to attacks should read your post and take heed .
I only wish that I were young enough and grew up with the tech to hack folks or nations like these kids do ,
I'd have a ball

Listen Folks, If you want to be safe, ...
Unplug and use mental telepathy

Collapse -
where's Uri Gellar when you need him?
by Dafydd Forum moderator / October 29, 2015 5:14 PM PDT
In reply to: LOL, C'mon , Really !


Collapse -
This guy? Mind bender.
by R. Proffitt Forum moderator / October 29, 2015 5:27 PM PDT
Collapse -
Chief, we should use the Cone Of Silence.
by R. Proffitt Forum moderator / October 29, 2015 5:19 PM PDT
In reply to: LOL, C'mon , Really !
Collapse -
I hear ya man !
by itsdigger / October 29, 2015 5:27 PM PDT
Collapse -
Sorry, points at "Control Cards"
by R. Proffitt Forum moderator / October 29, 2015 5:39 PM PDT
In reply to: I hear ya man !
Collapse -
No kilts in here, please
by James Denison / November 4, 2015 11:32 AM PST

Bagpipes either.

Collapse -
When I was in Vancouver, BC.
by R. Proffitt Forum moderator / November 4, 2015 11:42 AM PST

Both were found in great quantity certain times of the year. Must be a migration pattern.

Collapse -
Car Hacking, Mobile Jailbreaking Among DCMA Exemptions ..
by Carol~ Moderator / October 29, 2015 3:41 PM PDT
.. Granted

Car hackers and jailbreakers today apparently got a green light from the Librarian of Congress David Mao to tinker away.

The Library of Congress’ triennial exemptions to the anti-circumvention rules within the Digital Copyright Millennium Act (DCMA) were released today, and among the exemptions to section 1201 of the DCMA are allowances for “good-faith” testing of vehicular computer systems for the identification and correction of vulnerabilities.

“The proponents of these security exemptions observed as a general matter that computer programs are pervasive in modern machines and devices, including vehicles, home appliances and medical devices, and that independent security research is necessary to uncover flaws in those computer programs,” the rule reads.

Continued : https://threatpost.com/car-hacking-mobile-jailbreaking-among-dcma-exemptions-granted/115185/

Related: US Library of Congress makes tinkering with your car software legal
Collapse -
Avira starts lawsuit against adware distribution site
by Carol~ Moderator / October 29, 2015 3:54 PM PDT

Avira has filed a lawsuit against the German Freemium.com download site for confusing users into installing unwanted programs that can compromise their privacy or weaken their computers’ security.

Avira has long been spearheading the detection of this kind of software as “Potentially Unwanted Applications” (PUA) and we are the first security vendor to take a software publisher to court over this unfair business practice. The case will be heard at the Hamburg regional court.

“It is time to take the fight against this next-generation adware directly to the source,” said Travis Witteveen, CEO of Avira GmbH. “Freemium.com is engaged in unfair competition that violates consumers’ legal right to privacy and uses invalid contracts.”

Continued : https://blog.avira.com/avira-starts-lawsuit-against-adware-distribution-site/

Avira turns tables to launch lawsuit against ‘crapware’ slinger
Avira Does Everyone a Favor and Sues Adware Distributor Freemium.com

Collapse -
Copy-Pasting Google Search URLs Leaks Previous Searches
by Carol~ Moderator / October 29, 2015 3:59 PM PDT

An MIT researcher has uncovered a privacy hole in Google's search engine, one that inadvertently leaks a user's previous search query if he copy-pastes his current search results URL and shares it with someone else.

The one that came across over this issue is Jeremy Rubin, founder of Tidbit, technical director at the MIT Bitcoin Project, and founder and senior technical advisor for the Digital Currency Initiative @ MIT Media Lab.

Mr. Rubin first noticed something wrong when he received a copy-pasted Google search URL from one of his friends. The URL in question had the following pattern:

Continued : http://news.softpedia.com/news/copy-pasting-google-search-urls-leaks-previous-searches-495478.shtml

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?