The news from the week is discussed, including how recent data breaches have fed off password reuse and how a university paid $20K after a ransomware attack.
Tag Archives: Web Security
Twitter Forces Password Reset on Some Exposed Accounts
Twitter has forced a password reset on an unnamed number of accounts exposed this week in a dump of 32.8 million account names and credentials.
uTorrent Forums User List Stolen
BitTorrent has warned users of its uTorrent client to change their passwords after a third-party breach allowed hackers to walk off with a list of its forum users.
Google Patches High Severity Browser PDF Vulnerability
Google patched a Chrome vulnerability that allowed remote code execution on targeted computers simply by viewing a specially crafted PDF.
Stolen Twitter Credentials Latest Dataset For Sale
LeakedSource says it has a set of 32 million Twitter account details, including plaintext passwords that were put up for sale on a black market website.
CryptXXX Ransomware Jumps From Angler to Neutrino Exploit Kit
Internet Storm Center researchers spot more distribution changes for CryptXXX ransomware.
Unpatched D-Link Wi-Fi Camera Flaw Remotely Exploitable
D-Link’s DCS930L Wi-Fi camera is vulnerable to a stack overflow vulnerability that can be remotely exploited.
Firefox 47 Fixes 13 Vulnerabilities, Removes Click-To-Activate Plugin Whitelist
Mozilla fixed 13 security issues, including two critical vulnerabilities that could have led to spoofing and clickjacking, among other issues, when it updated Firefox to the latest build, Firefox 47, this week.
No Simple Fix for Password Reuse
The result of the recent LinkedIn, Tumblr and Myspace breaches will be a virtual crime wave as hackers take stolen credentials and unlock other accounts across the web, say experts.
Google To Deprecate SSLv3, RC4 in Gmail IMAP/POP Clients
Google will next week begin a gradual deprecation of unsafe crypto protocol SSLv3 and cipher RC4 in Gmail IMAP/POP clients.