• Active Topics 

Your Email address and Password have probably been stolen/pwned!

Includes Ethical Hacking, Cybersecurity, Social Engineering and related fields
Post Reply
User avatar
Eli
Senior Expert Member
Reactions: 183
Posts: 5211
Joined: 9 years ago
Location: Tanzania
Has thanked: 75 times
Been thanked: 88 times
Contact:

#1

Hacking is a business of hackers, and they from time-to-time update their skills to beat tight cyber security measures! Hacking member accounts, especially over the websites, forums and many other social media is an increasing activity. A number of compromise reports by the very well respected 'Have I Been Pwned' (Check here if you have been pwned or not) site and Vigilante - a civilian or organization acting in a law enforcement capacity without legal authority, show thousands of breaches, that include stolen email addresses, passwords, IP addresses and more other information.

The most famous cyber attack was in May 2016 (here is another news), where 164 million LinkedIn email addresses and passwords were exposed according to reports on Have I Been Pwned.

"Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data." See more: Have I Been Pwned.

Go here for detailed background on pwned credentials, password reuse, credential stuffing and another billion records in Have I Been Pwned.



How to reduce the risk of being hacked/pwned(owned)?

You can use "pass" - the standard unix password manager:

"Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities." Read more: https://www.passwordstore.org/

Other alternatives to safeguard yourself from hackers/crackers is to use Two-Factor Authentication or Google 2-Step Verification if you are a Google account user.
0
TSSFL -- A Creative Journey Towards Infinite Possibilities!
Post Reply

Return to “Information Security”

  • Information
  • Who is online

    Users browsing this forum: No registered users and 0 guests