Skip to main content

Mega Hack Discovered

A huge attack on US systems was discovered by security outfits, which has supposedly stolen 1.2 billion user name and password combinations plus over 500 million email addresses.The intrusion was discovered by a company called Hold Security and was alleged to include confidential content collected from 420,000 websites, including household names and small sites. The security outfit has a record of uncovering huge hacks – for instance, it was the one to discover the 2013 theft of tens of millions of records from Adobe Systems. This means that Hold Security could have been seen as a reliable source.

The company claimed that the hacking attack was discovered after over 7 months of research and was being carried out by some unnamed Russian cyber gang. Apparently, the latter now owns the largest cache of stolen information.
Now, what many of the comments about the breach online center on is the fact that the security outfit is offering a $120 per month breach notification service allowing people to find out whether the hackers stole their passwords on file. Another fact that is highlighted in comments is that Hold Security timed its announcement to fit with the Black Hat Security conference with the alleged intention to spark a debate on password security.

As you can see, unanswered questions about the hack remain. The security company said that the hacking collective started out buying stolen credentials on the black market and then used those credentials to launch other attacks. Nevertheless, it remains unclear how many credentials were purchased and how many of the 1.2 billion they culled on their own. In simple words, this huge database (if it even exists) could be just an entirely ancient data.The industry experts also point out that it is unclear whether the alleged stolen passwords came from important financial websites or less important ones. In addition, it is unknown what exactly the hackers are going to do with those details. The experts explain that if the obtained data include fresh credentials for important online services like online banking, they can be used to steal money from online accounts. In the case they are older or from little-used services, the hacker might use the data to send spam by email or post it in online forums.

Comments

Popular posts from this blog

Ten Important Rules Of Ethical Hacking

The world of ethical hacking too is bound by a set of rules and principles, here are 10 crucial ones!

Time and again we have been bringing you valuable resources on ethical hacking since we know and understand the nature of things as far as security goes. Ethical hacking is picking up steam each day with more and more organisations spending heftily to maintain the sanctity of their systems and data. As such, ethical hacking is a glorious career option in the current scheme of things.



1.Set your goals straight

To begin with, an ethical hacker must start thinking like the intruder. He must be able to identify the loopholes on the target access points or networks that are prone to attack, he must be aware of the repercussions of these loopholes and how the intruder can use it against the same. An ethical hacker then has to find out if anyone at the target notice the intruder's attempts to carry out his/her acts. Finding out and eliminating unauthorised wireless access points is always t…

Here Are 7 Brilliant Cheat Sheets For Linux/Unix

There's nothing better than a cheatsheet when you are stuck and need a reference. So here bringing to you 7 brilliant free cheat sheets. 




1. Unix Tool Box: An incredibly exhaustive reference for all things Linux. This document is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users.

2. One page Linux Manual: Great one page reference to the most popular Linux commands, it is a summary of useful Linux commands.

3. Linux Reference Card: One great reference published by FOSSwire.

4. Linux Command Line Cheat Sheet: This is an interestingly sorted and helpful cheat sheet by cheatography.

5. Linux Command Line Tips: This is a linux command line reference for common operations. Cleanly sorted and well described.

6. Treebeard’s Unix Cheat Sheet: A great reference that shows command comparisons with that of DOS. So if you are someone who was a DOS user and has switched to Linux, this is the best one too have!

7. Linux Shortcuts and Commands:…

Extracting Administrator Passwords Using LCP

Extracting Administrator Passwords Using LCP
Link Control Protocol (LCP) is part of the Point-to-Point (PPP) protocol In PPP communications, both the sending and receiving devices send out LCP packets to determine specific information required for data transmission.
■ Use an LCP tool ■ Crack administrator passwords
Tools Needed
■ A computer running Windows Server 2012 ■ A web browser with an Internet connection ■ Administrative privileges to run tools
■ You can also download the latest version of LCP from the link http: / www.lcpsoft.com/engl1sh/1ndex.htm
■ If you decide to download the latest version, then screenshots shown     might differ ■ Follow the wizard driven installation instructions ■ Run this tool in Windows Server 2012 ■ Administrative privileges to run tools ■ TCP/IP settings correctly configured and an accessible DNS server
Overview of LCP
LCP program mainly audits user account passwords and recovers them in Windows 2008 and 2003. General features of this protocol are password recovery, bru…