Disqus confirms 2012 database breach impacting 17.5 million users

Disqus confirmed a 2012 database breach on Friday impacting some data for 17.5 million users and including information dating back to 2007. “The snapshot includes email addresses, Disqus user names, sign-up dates, and last login dates in plain text for 17.5mm users,” Jason Yan, the company’s CTO, wrote in a blog post. “Additionally, passwords (hashed using SHA1 with a salt; not in plain text) for about one-third of users are included.” The company, which builds a commenting system for news websites, was notified on Thursday by security researcher Troy Hunt. Hunt runs the data breach notification website Have I Been Pwned. No plain text passwords were exposed but, as a precaution, all affected users had their passwords reset and Disqus is recommending changing any related password. The company does “not believe that this data is widely distributed or readily available.”  

The post Disqus confirms 2012 database breach impacting 17.5 million users appeared first on Cyberscoop.

711 million email addresses found in popular banking malware’s spambot

A trove of 711 million email accounts used by a colossal spam operation was found by a Parisian security researcher this week. The collection, hosted on a publicly accessible server in the Netherlands, includes email addresses, corresponding passwords and servers engineered to help the spam avoid inbox filters. Uncovered by a pseudonymous researcher named Benkow moʞuƎq and reported by blogger and developer Troy Hunt, the spambot known as “Onliner” marks the largest-ever data set loaded into haveibeenpwned.com, a popular breach notification service operated by Hunt. Onliner delivers Ursnif banking malware, ZDNet reported, which is responsible for more than 100,000 global infections. Ursnif is an infamous, years-old data-stealing malware that has been updated continuously. It’s an evolving threat that can move through numerous attack vectors. In a 2017 report, Palo Alto Networks researchers said “newer versions of the threat allow attackers to steal browsing data such as banking and credit card information, acquire passwords via screenshots and keylogging, […]

The post 711 million email addresses found in popular banking malware’s spambot appeared first on Cyberscoop.

Spambot Contains ‘Mind-Boggling’ Amount of Email, SMTP Credentials

Researchers accessed the Onliner spambot and found 711 million records, including email addresses, email and password combinations, and SMTP credentials and configuration files.

News in brief: cryptocurrency exchange hacked; laptop ban further eased; AA under fire over data breach

Your daily round-up of some of the other stories in the news.

This Retail Website Considers Password Security Optional

Glaring privacy issues tied to an online health and beauty retailer allow customers to log in to their user accounts with just their email address – no password needed.

Children’s Voice Messages Leaked in CloudPets Database Breach

Voice messages from children sent through an internet-connected toy called CloudPets were stolen from an exposed MongoDB database, which has been wiped clean and the data held for ransom.

St. Jude Alleges False Claims, Stock Manipulation in Suit Against Med Sec, Muddy Waters

St. Jude Medical yesterday filed a lawsuit alleging that Muddy Waters and Med Sec made false claims and attempted to manipulate St. Jude stock.