quora hacking | Breaking Cybersecurity News | The Hacker News

The World's most popular question-and-answer website Quora has suffered a massive data breach with unknown hackers gaining unauthorized access to potentially sensitive personal information of about 100 million of its users. Quora announced the incident late Monday after its team last Friday discovered that an unidentified malicious third-party managed to gain unauthorized access to one of its systems and stole data on approximately 100 million users—that's almost half of its entire user base. According to Adam D'Angelo, the chief executive officer and co-founder of Quora, the personal user information compromised in the breach includes: Account information , such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter when authorized by users. Public content and actions , like questions, answers, comments, and upvotes. Non-public content and actions , including answer requests, downvotes,

Nobody is immune to being Hacked! After hacking Mark Zuckerberg's Twitter and Pinterest accounts, Hacking group OurMine has successfully hacked the Quora account Google CEO Sundar Pichai and then cross-posted to his Twitter account. The hack became apparent when OurMine posted messages on Quora through Pichai's account, which then appeared on his official Twitter feed late Sunday night — Thanks to the two accounts being linked. All the tweets in question have since been removed from Pichai's Twitter feed. Unlike Mark Zuckerberg, the three-man team Saudi hackers group did not use password exposed by 2012 LinkedIn data breach; rather they claimed to have discovered a vulnerability in Quora, which is a Q&A community launched in 2010. The group behind OurMine claims it is "testing security" of accounts and teaching people to secure their online accounts better. "We are just testing people security (sic), we never change their passwords, we did it

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or