The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Search results for crack password

Cracking iPhone Hotspot password in 50 Seconds

Cracking iPhone Hotspot password in 50 Seconds

June 20, 2013Mohit Kumar
The ability to turn your iPhone into a Wi-Fi hotspot is a fantastically useful little tool in and of itself. When setting up a personal hotspot on their iPad or iPhone, users have the option of allowing iOS to automatically generate a password. According to a new study by Researchers at the University of Erlangen in Germany, iOS-generated passwords use a very specific formula one which the experienced hacker can crack in less than a minute. Using an iOS app written in Apple's own Xcode programming environment, the team set to work analyzing the words that Apple uses to generate its security keys . Apple's hotspot uses a standard WPA2 -type process, which includes the creation and passing of pre-shared keys (PSK). They found that the default passwords are made up of a combination of a short dictionary words followed by a series of random numbers and this method actually leaves them vulnerable to  brute force attack . The word list Apple uses contains approximately 52,500
11 Million Ashley Madison Passwords Cracked In Just 10 Days

11 Million Ashley Madison Passwords Cracked In Just 10 Days

September 10, 2015Mohit Kumar
Last month, when hackers leaked nearly 100 gigabytes of sensitive data belonging to the popular online casual sex and marriage affair website ' Ashley Madison ', there was at least one thing in favor of 37 Million cheaters that their Passwords were encrypted . But, the never ending saga of Ashley Madison hack could now definitely hit the cheaters hard, because a group of crazy Password Cracking Group, which calls itself CynoSure Prime , has cracked more than 11 Million user passwords just in the past 10 days, not years. Yes, the hashed passwords that were previously thought to be cryptographically protected using Bcrypt, have now been cracked successfully. Bcrypt is a cryptographic algorithm that makes the hashing process so slow that it would literally take centuries to brute-force all of the Ashley Madison account passwords. How do they Crack Passwords? The Password cracking team identified a weakness after reviewing the leaked data, which included u
How to Hack WiFi Password Easily Using New Attack On WPA/WPA2

How to Hack WiFi Password Easily Using New Attack On WPA/WPA2

November 25, 2018Mohit Kumar
Looking for how to hack WiFi password OR WiFi hacking software? Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers. Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens 'Atom' Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols with Pairwise Master Key Identifier (PMKID)-based roaming features enabled. The attack to compromise the WPA/WPA2 enabled WiFi networks was accidentally discovered by Steube while he was analyzing the newly-launched WPA3 security standard . This new WiFi hacking method could potentially allow attackers to recover the Pre-shared Key (PSK) login passwords, allowing them to hack into your Wi-Fi network and eavesdrop on the Internet communications. How to Hack WiFi Password Using PMKID According to the researcher, the previously known WiFi hacking methods require attackers to wai
Cryptography Hacks - Hash Encryption using DuckDuckGo Search Engine

Cryptography Hacks - Hash Encryption using DuckDuckGo Search Engine

January 30, 2014Mohit Kumar
Over the past several months, it has become clear that the Internet and our Privacy have been fundamentally compromised. A Private search engine DuckDuckGo claims that when you click on one of their search results, they do not send personally identifiable information along with your request to the third party. Like Google dorks (advance search patterns), there are thousands of similar, but technically more useful search hacks are also available in DuckDuckGo called DuckDuckGoodies . Today I am going to share about Handy " Cryptography " using DuckDuckGo search engine . Whether you are a Hacker, Cracker or a Researcher, you need to face a number of hash strings in your day to day life. Hashing is a one way encryption of a plain text or a file, generally used to secure passwords or to check the integrity of the file. There is a certain set of hashing algorithms, e.g.md5, sha1, sha-512 etc. A hash function generates the exact output if executed n numbe
Over 43 Million Weebly Accounts Hacked; Foursquare Also Hit By Data Breach

Over 43 Million Weebly Accounts Hacked; Foursquare Also Hit By Data Breach

October 20, 2016Mohit Kumar
2016 is the year of data breaches that has made almost every major companies victims to the cyber attacks, resulting in compromise of over billion of online users accounts. Weebly and Foursquare are the latest victims of the massive data breach, joining the list of "Mega-Breaches" revealed in recent months, including LinkedIn , MySpace , VK.com , Tumblr , Dropbox , and the biggest one -- Yahoo . Details for over 43 Million users have been stolen from the San Francisco-based website building service Weebly, according to breach notification site LeakedSource, who had already indexed a copy of the stolen data that it received from an anonymous source. In addition, LeakedSource posted details of the cyber attack in its blog post on Thursday explaining what happened. The attack believed to have been carried out in February 2016. "Unlike nearly every other hack, the Co-founder and CTO of Weebly Chris Fanini fortunately did not have his head buried deeply in the san
Taringa: Over 28 Million Users' Data Exposed in Massive Data Breach

Taringa: Over 28 Million Users' Data Exposed in Massive Data Breach

September 04, 2017Mohit Kumar
Exclusive — If you have an account on Taringa , also known as "The Latin American Reddit," your account details may have compromised in a massive data breach that leaked login details of almost all of its over 28 million users. Taringa is a popluar social network geared toward Latin American users, who create and share thousands of posts every day on general interest topics like life hacks, tutorials, recipes, reviews, and art. The Hacker News has been informed by LeakBase , a breach notification service, who has obtained a copy of the hacked database containing details on 28,722,877 accounts, which includes usernames, email addresses and hashed passwords for Taringa users. The hashed passwords use an ageing algorithm called MD5 – which has been considered outdated even before 2012 – that can easily be cracked, making Taringa users open to hackers. Wanna know how weak is MD5?, LeakBase team has already cracked 93.79 percent (nearly 27 Million) of hashed passwords s
Hey, Music Lovers! Last.Fm Hack Leaks 43 Million Account Passwords

Hey, Music Lovers! Last.Fm Hack Leaks 43 Million Account Passwords

September 02, 2016Mohit Kumar
Another Day, Another Data Breach! If you love to listen to music online and have an account on Last.fm website, your account details may have compromised in a data breach that leaked more than 43 Million user personal data online. Last.fm was hacked in March of 2012 and three months after the breach, London-based music streaming service admitted to the incident and issued a warning, encouraging its users to change their passwords. But now it turns out that the Last.fm data breach was massive, and four years later the stolen data have surfaced in the public. The copy of the hacked database obtained by the data breach indexing website LeakedSource contained 43,570,999 user records that were originally stolen from Last.fm on March 22, 2012, according to timestamps in the database. The leaked records include usernames, hashed passwords, email addresses, the date when a user signed up to the website, and ad-related data. Wait! Have you visited The Hacker News early this wee
Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security

September 30, 2011Mohit Kumar
Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security A Russian security company has upgraded a phone-password cracking suite with the ability to figure out the master device password for Research in Motion's BlackBerry devices. Elcomsoft said that before it developed the product, it was believed that there was no way to figure out a device password on a BlackBerry smartphone or PlayBook tablet. BlackBerry smartphones are configured to wipe all data on the phone if a password is typed incorrectly 10 times in a row, the company said. " ElcomSoft Phone Password Breaker " does exactly what it says, enabling its users to recover plain-text passwords governing encrypted backups for BlackBerry smartphones and PlayBook tablets. (The password-breaking tool also works on Apple devices running iOS, such as iPhones and iPads.) The new feature is wrapped into Elcomsoft's Phone Password Breaker. It costs £79 ($123) for the home edition and £199 for the fu
Tesla Cars Can Be Hacked to Locate and Unlock Remotely

Tesla Cars Can Be Hacked to Locate and Unlock Remotely

March 31, 2014Swati Khandelwal
Smart Phones, Smart TVs, Smart Refrigerators, even Smart Cars! When it comes to Smart devices, we simply provide them the master control of various tasks to make our life easy and more comfortable, unaware about its worst impact. At the starting of last month we reported that by using a $20 toolkit called CAN Hacking Tool (CHT) , hackers can hack your Smart Cars, giving entire control of your car to an attacker from windows and headlights to its steering and brakes. Now a new research carried out on the  Tesla Smart car  has proved that the hackers are able to remotely locate or unlock the Tesla Motors Inc. electric vehicles, just by cracking a six-character password using traditional hacking techniques. At the Black Hat Asia security conference in Singapore on Friday, Nitesh Dhanjani , a corporate security consultant and Tesla owner, said a recent study conducted by him on the Tesla Model S sedan pointed out several design flaws in its security system, and there wasn&
Securing Passwords with Bcrypt Hashing Function

Securing Passwords with Bcrypt Hashing Function

April 10, 2014Anonymous
Passwords are the first line of defense against cyber criminals. It is the most vital secret of every activity we do over the internet and also a final check to get into any of your user account, whether it is your bank account, email account, shopping cart account or any other account you have. We all know storing passwords in clear text in your database is ridiculous. Many desktop applications and almost every web service including, blogs, forums eventually need to store a collection of user data and the passwords, that has to be stored using a hashing algorithm. Cryptographic hash algorithms MD5, SHA1, SHA256, SHA512, SHA-3 are general purpose hash functions, designed to calculate a digest of huge amounts of data in as short a time as possible. Hashing is the greatest way for protecting passwords and considered to be pretty safe for ensuring the integrity of data or password. The benefit of hashing is that if someone steals the database with hashed passwords, they o
Apple Weakens iOS 10 Backup Encryption; Now Can Be Cracked 2,500 Times Faster

Apple Weakens iOS 10 Backup Encryption; Now Can Be Cracked 2,500 Times Faster

September 23, 2016Swati Khandelwal
After the iPhone encryption battle between Apple and the FBI , Apple was inspired to work toward making an unhackable future iPhones by implementing stronger security measures even the company can't hack. Even at that point the company hired one of the key developers of Signal — one of the world's most secure, encrypted messaging apps — its core security team to achieve this goal. But it seems like Apple has taken something of a backward step. Apple deliberately weakens Backup Encryption For iOS 10 With the latest update of its iPhone operating system, it seems the company might have made a big blunder that directly affects its users' security and privacy. Apple has downgraded the hashing algorithm for iOS 10 from "PBKDF2 SHA-1 with 10,000 iterations" to "plain SHA256 with a single iteration," potentially allowing attackers to brute-force the password via a standard desktop computer processor. PBKDF2 stands for Password-Based Key Deri
Cracking 16 Character Strong passwords in less than an hour

Cracking 16 Character Strong passwords in less than an hour

May 30, 2013Mohit Kumar
The Password serves to protect your financial transactions, your social networking sites, and a host of other nominally secure websites online. People often say, " don't use dictionary words as passwords. They are horribly unsecure ", but what if hackers also managed to crack any 16 character password ? Criminals or trespassers who want to crack into your digital figurative backyard will always find a way. A team of hackers has managed to crack more than 14,800 supposedly random passwords from a list of 16,449 converted into hashes using the MD5 cryptographic hash function. The problem is the relatively weak method of encrypting passwords called hashing.  Hashing takes each user's plain text password and runs it through a one-way mathematical function. This creates a unique string of numbers and letters called the hash. The article reports that, using a commodity computer with a single AMD Radeon 7970 graphics card, it took him 20 hours to crack 14
Dropbox Hacked — More Than 68 Million Account Details Leaked Online

Dropbox Hacked — More Than 68 Million Account Details Leaked Online

August 30, 2016Swati Khandelwal
Hackers have obtained credentials for more than 68 Million accounts for online cloud storage platform Dropbox from a known 2012 data breach. Dropbox has confirmed the breach and already notified its customers of a potential forced password resets, though the initial announcement failed to specify the exact number of affected users. However, in a selection of files obtained through sources in the database trading community and breach notification service Leakbase , Motherboard found around 5GB of files containing details on 68,680,741 accounts, which includes email addresses and hashed (and salted) passwords for Dropbox users. An unnamed Dropbox employee verified the legitimacy of the data. Out of 68 Million, almost 32 Million passwords are secured using the strong hashing function " BCrypt , " making difficult for hackers to obtain users' actual passwords, while the rest of the passwords are hashed with the SHA-1 hashing algorithm . These password hashes als
Harvard Carr Center for Human Rights Policy Hacked, Password was "DOG" ?

Harvard Carr Center for Human Rights Policy Hacked, Password was "DOG" ?

October 08, 2012Mohit Kumar
Harvard's Carr Center for Human Rights Policy website ( www.hks.harvard.edu/cchrp/ ) was hacked last week  and then silently fixed by the administrator without giving Reply/Credit to the Whitehat Hacker who reported the vulnerability. The Hack incident was performed in 3 Phases as described below: Phase 1: A Hacker , with nickname " FastFive" posted a few sql injection vulnerable Educational sites on a famous Hacking Forum last week which included the SQLi vulnerable link for the Harvard Carr Center for Human Rights Policy website, as you can see in the list in the above screenshot taken by me. Phase 2 : Almost 100's of Hackers have seen the post from " FastFive " and they got some juicy information for their next targets. One of them named, " Vansh " successfully exploit the Harvard's site and  extracted the database onto his computer. He Found the username and Password from the table and tried to login on the Admin access panel location
Boost Your Personal Security With These Killer 2019 Black Friday and Cyber Monday Deals

Boost Your Personal Security With These Killer 2019 Black Friday and Cyber Monday Deals

November 22, 2019The Hacker News
If you're like most consumers, you're probably looking forward to the upcoming Black Friday and Cyber Monday sale events. Who wouldn't want to get all sorts of products and services at massive discounts? But while most consumers are typically eyeing personal gadgets and entertainment appliances, you may want to consider scoring deals on personal security software and devices. Everyone's exposed to both digital and real-world threats these days, so investing in capable security solutions is a must. These tools are often expensive, and you should take advantage of discounts and sales to boost your privacy and personal security. As such, we have compiled some of the best deals that can help you better protect yourself. Here are four of the best deals on personal security products and services that you shouldn't miss: PC Security: Reason Antivirus Despite today's growing number of hacking incidents, most users don't invest in their digital s
Facebook CEO Zuckerberg's Twitter, Pinterest accounts Hacked! And the Password was...

Facebook CEO Zuckerberg's Twitter, Pinterest accounts Hacked! And the Password was...

June 06, 2016Mohit Kumar
The man who runs the biggest social network and continuously implements new security measures to boost its billion users security, himself failed to follow basics of Internet security for his own online accounts. Yes, I'm talking about Facebook CEO Mark Zuckerberg , who had his Twitter and Pinterest accounts compromised on Sunday. The hacker group from Saudi Arabia, dubbed OurMine , claimed responsibility for the hack and guess how the group did it? Thanks to the LinkedIn data breach ! The hackers tweeted that they found Zuck's account credentials in the recent LinkedIn data breach, from which they took his SHA1-hashed password string and then broke it and tried on several social media accounts. Also Read: Hacker Removed Zuckerberg's Facebook Cover Photo The group, which has more than 40,000 Twitter followers, then successfully broke into Zuck's Twitter ( @finkd ) and Pinterest profile and defaced its banners with its logo as well as tweeted out some offens
Cloud computing best for password hacking !

Cloud computing best for password hacking !

November 19, 2010Mohit Kumar
On-demand cloud computing is a wonderful tool for companies that need some computing capacity for a short time, but don't want to invest in fixed capital for long term. For the same reasons, cloud computing can be very useful to hackers.  A lot of hacking activities involve cracking passwords , keys or other forms of brute force that are computationally expensive but highly parallelizable. For a hacker, there are two great sources for on-demand computing: botnets made of consumer PCs and infrastructure-as-a-service (IaaS) from a service provider. Either one can deliver computing on-demand for the purpose of brute force computation. Botnets are unreliable, heterogeneous and will take longer to "provision." But they cost nothing to use and can scale to enormous size. Researchers have found botnets composed of hundreds of thousands of PCs. A commercial cloud computing offering will be faster to provision, have predictable performance and can be billed to
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.