#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

best password manager | Breaking Cybersecurity News | The Hacker News

Massive Data Breach Exposes 6.6 Million Plaintext Passwords from Ad Company

Massive Data Breach Exposes 6.6 Million Plaintext Passwords from Ad Company
Sep 14, 2016
Another Day, Another Data Breach! And this time, it's worse than any recent data breaches. Why? Because the data breach has exposed plaintext passwords, usernames, email addresses, and a large trove of other personal information of more than 6.6 Million ClixSense users. ClixSense, a website that claims to pay users for viewing advertisements and completing online surveys, is the latest victim to join the list of " Mega-Breaches " revealed in recent months, including LinkedIn , MySpace , VK.com , Tumblr , and Dropbox . Hackers are Selling Plaintext Passwords and Complete Website Source Code More than 2.2 Million people have already had their personal and sensitive data posted to PasteBin over the weekend. The hackers who dumped the data has put another 4.4 Million accounts up for sale. In addition to un-hashed passwords and email addresses, the dump database includes first and last names, dates of birth, sex, home addresses, IP addresses, payment histories,

Hey, Music Lovers! Last.Fm Hack Leaks 43 Million Account Passwords

Hey, Music Lovers! Last.Fm Hack Leaks 43 Million Account Passwords
Sep 02, 2016
Another Day, Another Data Breach! If you love to listen to music online and have an account on Last.fm website, your account details may have compromised in a data breach that leaked more than 43 Million user personal data online. Last.fm was hacked in March of 2012 and three months after the breach, London-based music streaming service admitted to the incident and issued a warning, encouraging its users to change their passwords. But now it turns out that the Last.fm data breach was massive, and four years later the stolen data have surfaced in the public. The copy of the hacked database obtained by the data breach indexing website LeakedSource contained 43,570,999 user records that were originally stolen from Last.fm on March 22, 2012, according to timestamps in the database. The leaked records include usernames, hashed passwords, email addresses, the date when a user signed up to the website, and ad-related data. Wait! Have you visited The Hacker News early this wee

Opera Browser Sync Service Hacked; Users' Data and Saved Passwords Compromised

Opera Browser Sync Service Hacked; Users' Data and Saved Passwords Compromised
Aug 27, 2016
Opera has reset passwords of all users for one of its services after hackers were able to gain access to one of its Cloud servers this week. Opera Software reported a security breach last night, which affects all users of the sync feature of its web browser. So, if you've been using Opera's Cloud Sync service , which allows users to synchronize their browser data and settings across multiple platforms, you may have hacked your passwords, login names, and other sensitive data. Opera confirmed its server breach on Friday, saying the "attack was quickly blocked" but that it "believe some data, including some of [their] sync users' passwords and account information, such as login names, may have been compromised." Opera has around 350 Million users across its range products, but around 1.7 Million users using its Sync service had both their synchronized passwords as well as their authentication passwords leaked in the hack. Since the company has already reset pas

Guide: Secure Your Privileged Access with Our Expert-Approved Template

cyber security
websiteDelineaIT Security / Access Control Security
Transform your Privileged Access Management with our Policy Template—over 40 expertly crafted statements to elevate compliance and streamline your security.

A SaaS Security Challenge: Getting Permissions All in One Place 

A SaaS Security Challenge: Getting Permissions All in One Place
May 08, 2024Attack Surface / SaaS Security
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of that are custom permissions required by an individual user.  For example, look at a sales rep who is involved in a tiger team investigating churn while also training two new employees. The sales rep's role would grant her one set of permissions to access prospect data, while the tiger team project would grant access to existing customer data. Meanwhile, special permissions are set up, providing the sales rep with visibility into the accounts of the two new employees. While these permissions are precise, however, they are also very complex. Application admins don't have a single screen within these applications th

Hacker reveals How He Could have Hacked Multiple Facebook Accounts

Hacker reveals How He Could have Hacked Multiple Facebook Accounts
Aug 27, 2016
How to Hack a Facebook Account? That's possibly the most frequently asked question on the Internet today. Though the solution is hard to find, a white hat hacker has just proven how easy it is to hack multiple Facebook accounts with some basic computer skills. Your Facebook account can be hacked, no matter how strong your password is or how much extra security measures you have taken. No joke! Gurkirat Singh from California recently discovered a loophole in Facebook's password reset mechanism that could have given hackers complete access to the victim's Facebook account, allowing them to view message conversations and payment card details, post anything and do whatever the real account holder can. The attack vector is simple, though the execution is quite difficult. The issue, Gurkirat ( @GurkiratSpeca ) says, actually resides in the way Facebook allows you to reset your password. The social network uses an algorithm that generates a random 6-digit passcode ‒

Epic Games Forum Hacked, Once Again — Over 800,000 Gamers' Data Stolen

Epic Games Forum Hacked, Once Again — Over 800,000 Gamers' Data Stolen
Aug 23, 2016
If you are a fan of Unreal Tournament from Epic Games or ever have participated in discussions on the online forums run by Epic Games, you possibly need to change your forum password as soon as possible. It seems the Unreal Engine and its creators, Epic Games' forums have recently been compromised by an unknown hacker or a group of hackers, who have stolen more than 800,000 forum accounts with over half a Million from the Unreal Engine's forums alone. The hackers get their hands on the forum accounts by exploiting a known vulnerability resided in an outdated version of the vBulletin forum software, which allowed them to get access to the full database. Epic believes registration information that includes usernames, scrambled passwords, email addresses, dates of birth, IP addresses, and date of joining, may have been obtained in the attack. "We believe a recent Unreal Engine and Unreal Tournament forum compromise revealed email addresses and other data entered in

Hacker Selling 200 Million Yahoo Accounts On Dark Web

Hacker Selling 200 Million Yahoo Accounts On Dark Web
Aug 02, 2016
Hardly a day goes without headlines about any significant data breach. In the past few months, over 1 Billion account credentials from popular social network sites, including LinkedIn , Tumblr , MySpace and VK.com were exposed on the Internet. Now, the same hacker who was responsible for selling data dumps for LinkedIn, MySpace, Tumblr and VK.com is now selling what is said to be the login information of 200 Million Yahoo! users on the Dark Web . 200 Million Yahoo! Logins for 3 BTC The hacker, who goes by the pseudonym " Peace " or "peace_of_mind," has uploaded 200 Million Yahoo! credentials up for sale on an underground marketplace called The Real Deal for 3 Bitcoins (US$1,824). Yahoo! admitted the company was "aware" of the potential leak, but did not confirm the authenticity of the data. The leaked database includes usernames, MD5-hashed passwords and date of births from 200 Million Yahoo! Users. In some cases, there is also the backup e

Best Free Password Manager Software You Can Download For 2018

Best Free Password Manager Software You Can Download For 2018
Jul 30, 2016
When it comes to safeguarding your Internet security, installing an antivirus software or running a Secure Linux OS on your system does not mean you are safe enough from all kinds of cyber-threats. Today majority of Internet users are vulnerable to cyber attacks, not because they aren't using any best antivirus software or other security measures, but because they are using weak passwords to secure their online accounts. Passwords are your last lines of defense against online threats. Just look back to some recent data breaches and cyber attacks, including high-profile data breach at OPM ( United States Office of Personnel Management ) and the extra-marital affair site Ashley Madison , that led to the exposure of hundreds of millions of records online. Although you can not control data breaches, it is still important to create strong passwords that can withstand dictionary and brute-force attacks . You see, the longer and more complex your password is, the much harder

LastPass Bug Lets Hackers Steal All Your Passwords

LastPass Bug Lets Hackers Steal All Your Passwords
Jul 27, 2016
A critical zero-day flaw has been discovered in the popular cloud password manager LastPass that could allow any remote attacker to compromise your account completely. LastPass is one of the best password manager that also available as a browser extension that automatically fills credentials for you. All you need is to remember one master password to unlock all other passwords of your different online accounts, making it much easier for you to use unique passwords for different sites. However, the password manager isn't as secure as it promises. Also Read:  Popular Password Managers Are Not As Secure As You Think Google Project Zero Hacker Tavis Ormandy discovered several security issues in the software that allowed him to steal passwords stored with LastPass. " Are people really using this LastPass thing? I took a quick look and can see a bunch of obvious critical problems. I'll send a report asap ," Ormandy revealed on Twitter . Once compromise a v

Password Security — Who's to Blame for Weak Passwords? Users, Really?

Password Security — Who's to Blame for Weak Passwords? Users, Really?
Jan 26, 2016
The majority of Internet users are vulnerable to cyber threats because of their own weaknesses in setting up a strong password. But, are end-users completely responsible for choosing weak passwords? Give a thought. Recently we wrote an article revealing the list of Worst Passwords of 2015 that proved most of us are still using bad passwords, like ' 123456 ' or ' password ,' to secure our online accounts that when breached could result in critical information loss. If the end-user is to blame for weak password security, then the solution is to educate each and every Internet user to follow the best password security practice. But is that really possible? Practically, No. Even after being aware of best password security measures, do we really set strong passwords for every website? I mean EVERY. Ask yourself. Who's Responsible for allowing Users to Set a Weak Password? It's the websites and their developers, who didn't enforce a
Expert Insights
Cybersecurity Resources