Tag: BREACH

[Full disclosure: AOL is the parent company of both Winamp and Download Squad] Hackers have broken through security protecting the Winamp forum database, compromising the user forums, exposing accounts and email addresses in the process. In a post on the company's forum, Winamp's General Manager, Geno Yoham, explained that an attack was quickly detected and isolated to the Winamp forum ...

eHarmony, the massive online dating site whose late-night TV ads you just can't avoid, has unwittingly given away something much more significant that another weekend of free communication for singles. As reported by security watchdog Brian Krebs, eHarmony has been hacked. The worst part: Krebs and another researcher alerted eHarmony administrators about the flaws which allowed the hack to ...

Very soon now -- probably in a year or two -- once everyone carries a smartphone, there won't be any discernible difference between our offline flesh-and-blood body and our online persona. That's not to say that real-life face-to-face interaction will slither into the abyss -- far from it! -- but we are reaching a stage where almost anything can be done online. This obviously raises security ...

The last couple months of this year are starting to look like Breachfest 2010, and a new report in The Columbus Dispatch indicates that the latest victims are registered owners of Honda and Acura vehicles. As was the case with the McDonald's incident, it wasn't Honda or Acura specifically that was attacked -- but rather a third-party company who handled a customer email database. In addition ...

Sure, it's fun to post comments on websites and converse with your fellow readers, but there's always a little danger involved. Why? Because sometimes the sites where you post those comments rile up the wrong people and wind up with a big security breach -- like the one at Gawker. One of the biggest lessons to be learned from the Gawker fiasco is this: don't use the same password everywhere. ...

It hasn't been smooth sailing for security vendor Kaspersky Labs over the last few years. Back in 2008, the company's Malaysian website was defaced by a Turkish hacker via an SQL injection. In 2009, their U.S. support site was compromised -- again by the use of an SQL injection. Following the second breach, Kaspersky's Roel Schouwenberg lamented, "This is not good for any company, and ...

Password breaches happen on a pretty regular basis, but the one at Rockyou.com was massive -- involving 32 million users. Now that the dust has settled, security firm Imperva has taken the time to do a little analysis of the data involved. Verdict: it's 2010, and people are still using the stupidest passwords imaginable. Here's a quick look at the top ten: 123456 12345 123456789 ...

Twitter's Evan Williams certainly isn't the first famous person to have a "secret question" figured out by a hacker, but I'm always surprised when someone in IT circles falls victim to such an elementary attack. It's not news that secret questions are a terribly bad idea for enabling password resets or protecting account information. For a question to work, the answer truly needs to be a secret. ...