Showing posts with label passwords. Show all posts
Showing posts with label passwords. Show all posts

Evernote Security Breached! Causing 50 Million Passwords Reset

Posted by Avik Sarkar On 3/07/2013 06:57:00 pm

Evernote Security Breached! Causing 50 Million Passwords Reset

World famous online information storage firm Evernote, allows millions of people to store and organised personal data on an external server from cross-platform have fallen victim to latest round of cyber attacks where hackers had managed to breach the company network which results a massive data breach effecting more than 50 million of its registered users. The breach on Evernote follows malicious activity at Twitter, NBC, New York Times, Facebook and others in recent weeks. In their blog release the firm has acknowledged the incident while saying "Evernote’s Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service." But the matter of relief for the millions of its users are that, whether the hackers have gained access inside Evernote user information, which includes usernames, email addresses associated with Evernote accounts, but due to salted encryption; hackers fail to gain decrypt those  credentials. But to avoid further massacre Evernote did password reset of all it's registered users. Phil Libin, Evernote’s CEO and founder, told press that the services are running, although if you try to access the site things may not work as normal at the moment: “We just pushed out a password reset, so the servers are going to be saturated for a bit,” he wrote. “Everything is up, although response is choppy. There’s no threat to user data that we’re aware of” -said Phil. Evernote also claimed that also have no evidence of any payment information for Evernote Premium or Evernote Business customers was accessed during the hack. 
The security response team of Evernote apologized for the annoyance of having to change your password, but, ultimately, they believed that; this simple step will result in a more secure Evernote experience.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Breached New York Times & Stolen Employee's Password

Posted by Avik Sarkar On 2/03/2013 01:54:00 am

Chinese Hackers Breached New York Times & Stolen Employee's Password 

Yet again the story of cyber espionage by Chinese hackers spotted in the wild, when the famous and one of the most popular American news daily reported that their system has been compromised by a round of sophisticated cyber attack generated from China. After the hack of White House unclassified network, it is the second time in last six month; when Chinese hackers have targeted the American cyber spaceThe New York Times has reported that for the last four months Chinese hackers have been infiltrating its networks, broken into the email accounts of senior staff, stolen the corporate passwords for every Times employee and used those to gain access to the personal computers of  more than 50 employees
According to a blog post of NYT - The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing. 
“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, executive editor of The Times. The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.

Cyber Espionage of China (2011-2012) at a Glance:-
While talking about this cyber attack, we would like to refresh your memory last two years, where the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power GridAlso in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 
All those above stories it has been clearly identified that China was the point of those said attacks, but it doesn't necessarily prove that it the operation is backed by the Chinese government or intelligence services. It could just as easily be a patriotic group of skilled, independent Chinese hackers upset with how the Western media is portraying their country's rulers. For all kind of cyber related topics and expert reviews on those matters just stay tuned  with only VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Security Breach: Twitter Unintentionally Resets More Passwords Than Accounts Hacked

Posted by Avik Sarkar On 11/10/2012 12:57:00 am

Security Breach: Twitter Unintentionally Resets More Passwords Than Accounts Hacked

Yet again the famous micro blogging site Twitter faced security challenge. Tuesday a huge number of Twitter users across the globe received  emails warning that their account may have been compromised and their passwords had been reset as a precautionary measure to prevent unauthorized access. In the e-mail, the microblogging company noted: "Twitter believes that your account may have been compromised by a Web site or service not associated with Twitter. We've reset your password to prevent others from accessing your account."

It remains unclear how many have been affected by the password reset e-mail or what's caused the mass e-mailing of its users. A post by TweetSmarter on Wednesday noted that in some cases when "large numbers of Twitter accounts have been hijacked," the company sends out these e-mails en masse, even sending messages to accounts that may not have been affected by any hack or hijack to err on the side of caution. The emails are apparently legitimate, though they were sent to more than victims of compromised accounts. The mass email coincided with incidents involving several high-profile accounts, including at least one account belonging to the BBC. Other media organisations, such as the TechCrunch blog, reported being warned. 
"We’re committed to keeping Twitter a safe and open community," reads a notice the company issued earlier Thursday. "As part of that commitment, in instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users. "In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologize for any inconvenience or confusion this may have caused."
Twitter officials have not disclosed how many uncompromised accounts had passwords reset, nor any more on the attack that led to those actions. The social media site currently has 140 million active usersSome victims reported having select tweets deleted, while others started sending out spam.

-Source (CNET)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Security Flaws Allowing Hackers to Brute Force Twitter Passwords

Posted by Avik Sarkar On 10/04/2012 01:57:00 am

Security Flaws Allowing Hackers to Brute Force Twitter Passwords 

A security flaw has been discovered in popular micro blogging site 'Twitter' which is allowing an malicious attack to brute force user's passwords.  On Saturday, multimedia producer and Twitter user Daniel Dennis Jones (@blanket) received a notification that his Twitter password had been reset. This alone would have been cause for concern; at the very least, it would mean that someone had tried and failed to access his account. He quickly found out that the problem was much worse than he expected. He was eventually able to log back into the account, but found that his username had been changed to @FuckMyAssHoleLO , and that @blanket was now operated by someone else. His account, in other words, had clearly been hacked. After seeing the above scenario it is very clear that - Twitter's password reset process allows hackers to attempt a more wide-ranging brute force approach to breaking into accounts than other services with more restrictive systems. Both Apple and Amazon quickly closed the loopholes that led to Honan's hack, but Twitter accounts (the ultimate prize Honan's hackers were after) remain surprisingly vulnerable to unsophisticated hacking efforts. That vulnerability was on display this past weekend as a desirable group of "OG" Twitter handles the short, memorable, one-word names that got snapped up when the service launched were brute-force hacked by a group of kids looking to make a little cash and impress their friends.

Daniel Jones is not the only victim of this recently discovered vulnerability, many other people around the globe also fallen victim of this security hole. After a day of research, Jones "got to the bottom of a little ring of kids who crack passwords to gain access to handles" - he found a number of other short, memorable handles like @hah, @captain, and @craves had also been hacked. Judging from the conversations he saw over Twitter, these hackers were not sophisticated social engineers, but just a group of teenagers trying to sell the names they had collected. Eventually, Jones had a long Skype conversation with a 14-year-old hacker who goes by Mason he wasn't the one who stole @blanket from Jones, but he was part of the young crew grabbing and selling these desirable names.
Of course, Twitter's security regimen is probably not all that different from that of many other sites. According to Jeremiah Grossman, CTO and co-founder of Whitehat Security, the attack that victimized Jones was "very, very common....Perhaps Twitter could have a bit stronger and more comprehensive approach to dealing with brute force attacks, but they can really only take it so far before annoying their users." 
We personally think that, after this case twitter should implement two step authentication, like Google to prevent its user getting compromised


-Source (Buzz Feed & CNET)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Ekoparty Conference: Stealth Password Cracking Vulnerability Found in Oracle Database

Posted by Avik Sarkar On 9/23/2012 12:05:00 am

Ekoparty Conference: Stealth Password Cracking Vulnerability Found in Oracle Database

Researchers unveiled serious vulnerability in the authentication protocol used by some Oracle databases, a flaw that could enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user's password. The attacker could then log on as an authenticated user and take unauthorized actions on the database. The vulnerability exists in Oracle Database 11g Releases 1 and 2 and is caused by a problem with the way the authentication protocol protects session keys when users try to log in. The first step in the authentication process when a client contacts the database server is for the server to send a session key back to the client, along with a salt. The vulnerability enables an attacker to link a specific session key with a specific password hash. The researcher who discovered the bug named Esteban Martinez Fayó has also released a tool that can crack some simple passwords in about five hours on a normal PC.  Fayó is a security specialist of AppSec Inc, he demonstrated his findings at the Ekoparty conference which is currently taking place in Buenos Aires. 
According to Esteban Martinez Fayo "This Session Key is a random value that the server generates and sends as the initial step in the authentication process, before the authentication has been completed.  This is the reason why this attack can be done remotely without the need of authentication and also, as the attacker can close the connection once the Session Key has been sent, there is no failed login attempt recorded in the server because the authentication is never completed."  He also staid "Once the attacker has a Session Key and a Salt (which is also sent by the server along with the session key), the attacker can perform a brute force attack on the session key by trying millions of passwords per second until the correct one is found.  This is very similar to a SHA-1 password hash cracking.  Rainbow tables can’ t be used because there is a Salt used for password hash generation, but advanced hardware can be used, like GPUs combined with advanced techniques like Dictionary hybrid attacks, which can make the cracking process much more efficient."  
"Basically, I discovered that not all failed login attempts were recorded by the database.  Looking closer at the issue, I located the problem in the way that one of the components of the logon protocol, the Session Key, was protected.  I noticed that, in a certain way, the Session Key was leaking information about the password hash," he added 
Although Oracle closed the hole with the 11.2.0.3 patch set, which introduced the new version 12 of the protocol in mid-2011, Fayó said that there has been no fix for versions 11.1 and 11.2 of the database because the update was never included in any of Oracle's regular "critical patch updates". The researcher explained that unless administrators activate the new protocol manually, the database will continue to use the vulnerable version 11.2 protocol. The vulnerability is in a widely deployed product and is easy to exploit, Fayo said he considers it to be quite dangerous. "The Oracle stealth password cracking vulnerability is a critical one.  There are many components to affirm this: It is easy to exploit, it doesn’t leave any trace in the database server and it resides in an essential component of the logon protocol," he said.
"It is very simple to exploit.  The attacker just needs to send a few network packets or use a standard Oracle client to get a Session Key and Salt for a particular user.  Then, an attack similar to that of cracking SHA-1 password hash can be performed. I developed a proof-of-concept tool that shows that it is possible to crack an 8 characters long lower case alphabetic password in approximately 5 hours using standard CPUs."


-Source (Threat Post)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search