#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

hash password | Breaking Cybersecurity News | The Hacker News

Category — hash password
UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

Oct 11, 2019
A 39-year-old password of Ken Thompson , the co-creator of the UNIX operating system among, has finally been cracked that belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers. In 2014, developer Leah Neukirchen spotted an interesting " /etc/passwd " file in a publicly available source tree of historian BSD version 3, which includes hashed passwords belonging to more than two dozens Unix luminaries who worked on UNIX development, including Dennis Ritchie, Stephen R. Bourne, Ken Thompson, Eric Schmidt, Stuart Feldman, and Brian W. Kernighan. Since all passwords in that list are protected using now-depreciated DES-based crypt(3) algorithm and limited to at most 8 characters, Neukirchen decided to brute-force them for fun and successfully cracked passwords (listed below) for almost everyone using password cracking tools like John the Ripper and hashcat. The ones that she wasn't able to crack
Finland's 3rd Largest Data Breach Exposes 130,000 Users' Plaintext Passwords

Finland's 3rd Largest Data Breach Exposes 130,000 Users' Plaintext Passwords

Apr 06, 2018
Over 130,000 Finnish citizens have had their credentials compromised in what appears to be third largest data breach ever faced by the country, local media reports . Finnish Communications Regulatory Authority (FICORA) is warning users of a large-scale data breach in a website maintained by the New Business Center in Helsinki ("Helsingin Uusyrityskeskus"), a company that provides business advice to entrepreneurs and help them create right business plans. Unknown attackers managed to hack the website ( https://liiketoimintasuunnitelma.com ) and stole over 130,000 users' login usernames and passwords, which were stored on the site in plain-text without using any cryptographic hash. Right after knowing of the breach on 3rd April, the company took down the affected website, which is currently showing "under maintenance" notice with a press release about the incident on its homepage. "We are very sorry for all the people who have been subjected to crime a
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

Oct 01, 2024Generative AI / Data Protection
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security concerns, many have been forced to choose between unrestricted GenAI usage to banning it altogether. A new e-guide by LayerX titled 5 Actionable Measures to Prevent Data Leakage Through Generative AI Tools is designed to help organizations navigate the challenges of GenAI usage in the workplace. The guide offers practical steps for security managers to protect sensitive corporate data while still reaping the productivity benefits of GenAI tools like ChatGPT. This approach is intended to allow companies to strike the right balance between innovation and security. Why Worry About ChatGPT? The e
Collision Attack: Widely Used SHA-1 Hash Algorithm Needs to Die Immediately

Collision Attack: Widely Used SHA-1 Hash Algorithm Needs to Die Immediately

Oct 08, 2015
SHA-1 – one of the Internet's widely adopted cryptographic hash function – is Just about to Die. Yes, the cost and time required to break the SHA1 algorithm have fallen much faster than previously expected. According to a team of researchers, SHA-1 is so weak that it may be broken and compromised by hackers in the next three months. The SHA-1 algorithm was designed in 1995 by the National Security Agency (NSA) as a part of the Digital Signature Algorithm. Like other hash functions, SHA-1 converts any input message to a long string of numbers and letters that serve as a cryptographic fingerprint for that message. Like fingerprints, the resulting hashes are useful as long as they are unique. If two different message inputs generate the same hash (also known as a collision ), it can open doors for real-world hackers to break into the security of banking transactions, software downloads, or any website communication. Collision Attacks on SHA-1 Researchers
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Securing Passwords with Bcrypt Hashing Function

Securing Passwords with Bcrypt Hashing Function

Apr 10, 2014
Passwords are the first line of defense against cyber criminals. It is the most vital secret of every activity we do over the internet and also a final check to get into any of your user account, whether it is your bank account, email account, shopping cart account or any other account you have. We all know storing passwords in clear text in your database is ridiculous. Many desktop applications and almost every web service including, blogs, forums eventually need to store a collection of user data and the passwords, that has to be stored using a hashing algorithm. Cryptographic hash algorithms MD5, SHA1, SHA256, SHA512, SHA-3 are general purpose hash functions, designed to calculate a digest of huge amounts of data in as short a time as possible. Hashing is the greatest way for protecting passwords and considered to be pretty safe for ensuring the integrity of data or password. The benefit of hashing is that if someone steals the database with hashed passwords, they o
Expert Insights / Articles Videos
Cybersecurity Resources