#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

hack password | Breaking Cybersecurity News | The Hacker News

Category — hack password
Facebook Buys Leaked Passwords From Black Market, But Do You Know Why?

Facebook Buys Leaked Passwords From Black Market, But Do You Know Why?

Nov 10, 2016
Facebook is reportedly buying stolen passwords that hackers are selling on the underground black market in an effort to keep its users' accounts safe. On the one hand, we just came to know that Yahoo did not inform its users of the recently disclosed major 2014 hacking incident that exposed half a billion user accounts even after being aware of the hack in 2014. On the other hand, Facebook takes every single measure to protect its users' security even after the company managed to avoid any kind of security scandal, data breach or hacks that have recently affected top notch companies. Speaking at the Web Summit 2016 technology conference in Portugal, Facebook CSO Alex Stamos said that over 1.3 Billion people use Facebook every day, and keeping them secure is building attack-proof software to keep out hackers, but keeping them safe is actually a huge task. Stamos said there is a difference between 'security' and 'safety,' as he believes that his team
Over 43 Million Weebly Accounts Hacked; Foursquare Also Hit By Data Breach

Over 43 Million Weebly Accounts Hacked; Foursquare Also Hit By Data Breach

Oct 20, 2016
2016 is the year of data breaches that has made almost every major companies victims to the cyber attacks, resulting in compromise of over billion of online users accounts. Weebly and Foursquare are the latest victims of the massive data breach, joining the list of "Mega-Breaches" revealed in recent months, including LinkedIn , MySpace , VK.com , Tumblr , Dropbox , and the biggest one -- Yahoo . Details for over 43 Million users have been stolen from the San Francisco-based website building service Weebly, according to breach notification site LeakedSource, who had already indexed a copy of the stolen data that it received from an anonymous source. In addition, LeakedSource posted details of the cyber attack in its blog post on Thursday explaining what happened. The attack believed to have been carried out in February 2016. "Unlike nearly every other hack, the Co-founder and CTO of Weebly Chris Fanini fortunately did not have his head buried deeply in the san
Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft

Sep 13, 2024Device Security / Identity Management
Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials ( Verizon DBIR, 2024 ). Solving this problem resolves over 80% of your corporate risk, and a solution is possible.  However, most tools available on the market today cannot offer a complete defense against this attack vector because they were architected to deliver probabilistic defenses. Learn more about the characteristics of Beyond Identity that allow us to deliver deterministic defenses.  The Challenge: Phishing and Credential Theft Phishing attacks trick users into revealing their credentials via deceptive sites or messages sent via SMS, email, and/or voice calls. Traditional defenses, such as end-user training or basic multi-factor authentication (MFA), lower the risk at best but cannot eliminate it. Users may still fall prey to scams, and stolen credentials can be exploited. Legacy MFA is a particularly urgent problem, given that attackers
End of SMS-based 2-Factor Authentication; Yes, It's Insecure!

End of SMS-based 2-Factor Authentication; Yes, It's Insecure!

Jul 27, 2016
SMS-based Two-Factor Authentication (2FA) has been declared insecure and soon it might be a thing of the past. Two-Factor Authentication or 2FA adds an extra step of entering a random passcode sent to you via an SMS or call when you log in to your account as an added layer of protection. For example, if you have 2FA enabled on Gmail, the platform will send a six-digit passcode to your mobile phone every time you sign in to your account. But, the US National Institute of Standards and Technology (NIST) has released a new draft of its Digital Authentication Guideline that says SMS-based two-factor authentication should be banned in future due to security concerns. Here's what the relevant paragraph of the latest DAG draft reads: "If the out of band verification is to be made using an SMS message on a public mobile telephone network, the verifier SHALL verify that the pre-registered telephone number being used is actually associated with a mobile network and not wi
cyber security

DevOps Security Best Practices

websiteWizDevOps / Secure Coding
Develop securely from code to cloud with this DevOps Security Cheat Sheet from Wiz. Take a deep dive into secure coding, infrastructure security, and vigilant monitoring and response.
Instagram Adds Two-Step Verification to Prevent Account from being Hacked

Instagram Adds Two-Step Verification to Prevent Account from being Hacked

Feb 17, 2016
Hijacking an online account is not a complicated procedure, not at least in 2016. Today, Instagram confirmed that the company is in the process to roll out two-factor authentication for its 400 Million users. It is impossible to make your online accounts hack-proof, but you can make them less vulnerable. Then what you can do to protect yourselves from hackers? Several companies provide more enhanced steps like Encrypted Channel Services, Security Questions, Strict Password Policy and so on. But, what would you do if a hacker had somehow managed to access your accounts' passwords? Since the online accounts do not have an intelligent agent inbuilt to verify whether the person is the legit driver of the account; beyond a username and password match. Hence the concept of Two-Factor Authentication (2FA) born out! Jumbos like Google, Facebook, Twitter and Amazon have already blended the 2FA feature with their services to tackle account hijacking. 2-F
Mr. Grey Hacker (Wanted by FBI) Steals 1.2 BILLION Login Passwords

Mr. Grey Hacker (Wanted by FBI) Steals 1.2 BILLION Login Passwords

Nov 26, 2015
That's a lot of Login credentials fetch by a single hacker. The FBI believes a single hacker who goes by the moniker Mr.Grey has stolen login credentials for over 1.2 Billion online accounts – apparently the biggest heist of log-in credentials the FBI has investigated thus far. Yeah, that's not Fifty, but 1.2 Billion Shades of Grey . The information came from the court documents the federal agents submitted to support its search warrant request in 2014, Reuters reported . The cyber security firm ' Hold Security ' initially reported the theft of the credentials last year. It found out that Russian hacking group CyberVor has stolen 1.2 Billion login details and an additional 500 Million email accounts. Botnet Breach These data were said to have been harvested from over 420,000 websites via botnets looking for SQL injection flaws ; the same technique recently used to hack TalkTalk . Botnets are usually employed to attack an individual targ
Expert Insights / Articles Videos
Cybersecurity Resources