Jump to content

Search the Community

Showing results for tags 'accounts'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 7 results

  1. Google has announced one more: custom URLs are now rolling out to almost everyone. If you don’t see the option yet on your Google+ profile or Google+ Page, don’t worry: Google says it is expanding availability throughout the week. For those who don’t know what custom URLs (also called vanity URLs) are, here’s quick example. Currently, my Google+ profile is located at plus.google.com/u/0/103897375441006577816/. If I were to get a custom URL, I could maybe changed it to plus.google.com/+emil or plus.google.com/+epro, swapping out the string of numbers for something that is much easier to share. Google first started testing custom URLs back in the middle of August 2012. About a week later, the company started notifying individuals and brands with verified accounts, but then it largely stopped expanding the feature. Now that’s finally changing. If your profile meets the following criteria, Google+ will let you claim a custom URL: Has a profile photo Has at least 10 followers Has an account that’s at least 30 days old. At the same time, brands and businesses that have a linked website or a verified local business can claim a custom URL for their Google+ page as well. If you fall into either of these categories, you’ll want to read more about link and verification over at the Google+ Help Center. Once you meet the eligibility criteria and Google prepares your custom URL, you can just visit your Google+ profile or Google+ page to begin the claiming process. Until then, you’ll just have to wait patiently, probably playing with all the other Google+ features that rolled out today. source: tnw
  2. Roughly 400,000 Avast users' account details have been compromised, following a cyber raid on the security firm's forums. Avast Software CEO Vince Steckler revealed the breach in a blog post, confirming around 0.2 percent of the firm's 200 million users' details were compromised during the attack. The attack occurred over the weekend and forced Avast to shut down its forum. It is currently unclear how the breach occurred, though Steckler said Avast believes the hackers leveraged a vulnerability in third party software being used to host the forum. "This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately," read the post. Steckler said no financial information was stolen during the raid and that key bits of the compromised information, including passwords, were encrypted. "The Avast forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised," read the post. Despite the encryption, Steckler recommended users change their login details as soon as possible. "Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately," read the post. Steckler said Avast is migrating its forum to a more secure software platform to avoid further data breaches. Avast is one of many firms to suffer data breaches in the past few months. Last week eBay confessed hackers had managed to steal customers' passwords, usernames, email addresses, addresses, phone numbers and dates of birth during an attack in February while US retailer Target was hit last year. Source
  3. Hi guys.TorrentLeech or should i say the faimous TL just now posted on thier facebook page that they are taking in new members into thier family. More exacly ? 10k new members by using SUMMER2014 as an invite code when your go and register for an account. http://www.torrentleech.org/user/account/signup 10 years old tracker.In our days this must mean something,i think :). Enjoy and happy downloading.
  4. Access is sold for $100 to $1500 per account, depending on the company size and exec role. A threat actor is currently selling passwords for the email accounts of hundreds of C-level executives at companies across the world. The data is being sold on a closed-access underground forum for Russian-speaking hackers named Exploit.in, ZDNet has learned this week. The threat actor is selling email and password combinations for Office 365 and Microsoft accounts, which he claims are owned by high-level executives occupying functions such as: CEO - chief executive officer COO - chief operating officer CFO - chief financial officer or chief financial controller CMO - chief marketing officer CTOs - chief technology officer President Vice president Executive Assistant Finance Manager Accountant Director Finance Director Financial Controller Accounts Payables Access to any of these accounts is sold for prices ranging from $100 to $1,500, depending on the company size and user's role. The seller's ad on Exploit.in Image via KELA A source in the cyber-security community who agreed to contact the seller to obtain samples has confirmed the validity of the data and obtained valid credentials for two accounts, the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain. The source, which requested that ZDNet not use its name, is in the process of notifying the two companies, but also two other companies for which the seller published account passwords as public proof that they had valid data to sell. These were login details for an executive at a UK business management consulting agency and for the president of a US apparel and accessories maker. Sample login provided by the seller as public proof The seller refused to share how he obtained the login credentials but said he had hundreds more to sell. According to data provided by threat intelligence firm KELA, the same threat actor had previously expressed interest in buying "Azor logs," a term that refers to data collected from computers infected with the AzorUlt info-stealer trojan. Infostealer logs almost always contain usernames and passwords that the trojan extracts from browsers found installed on infected hosts. This data is often collected by the infostealer operators, who filter and organize it, and then put it on sale on dedicated markets like Genesis, on hacking forums, or they sell it to other cybercrime gangs. "Compromised corporate email credentials can be valuable for cybercriminals, as they can be monetized in many different ways," KELA Product Manager Raveed Laeb told ZDNet. "Attackers can use them for internal communications as part of a 'CEO scam' - where criminals manipulate employees into wiring them large sums of money; they can be used in order to access sensitive information as part of an extortion scheme; or, these credentials can also be exploited in order to gain access to other internal systems that require email-based 2FA, in order to move laterally in the organization and conduct a network intrusion," Laeb added. But, most likely, the compromised emails will be bought and abused for CEO scams, also known as BEC scams. According to an FBI report this year, BEC scams were, by far, the most popular form of cybercrime in 2019, having accounted for half of the cybercrime losses reported last year. The easiest way of preventing hackers from monetizing any type of stolen credentials is to use a two-step verification (2SV) or two-factor authentication (2FA) solution for your online accounts. Even if hackers manage to steal login details, they will be useless without the proper 2SV/2FA additional verifier. Source
  5. Accounts of some Reddit users have been locked out or suspended due to irregular behavior that could suggest unauthorized access. The Reddit security team has stated that they plan on allowing affected users to perform a password reset in a few hours time. The suspected cause for the unusual activity seen from the locked accounts is a credential stuffing attack, which takes advantage of users’ practice of reusing the same login password for multiple websites and online services. Recycling credentials is a dangerous habit because it presents a hacker with the opportunity to test stolen username/password across other services. If they work, the attacker gains access to other accounts with minimum effort. Unauthorized access spotted in some cases Some users are not convinced that a credential stuffing attack is a possible explanation for the precautionary measure, saying that their Reddit credentials were unique and sufficiently strong. One member suggested a “check for reddit data/security leaks instead of only user-errors.” Another suggested a large scale account hijacking scenario, similar to what happened recently to 50 million Facebook accounts due to a vulnerability that allowed the stealing of access tokens. However, multiple users reported that the activity log for their account showed that it had been accessed from different countries (Italy, Brazil, Russia, Bangladesh, Thailand). One of them admitted to having a simple password. Users slowly regaining access to their accounts It is unclear how many accounts have been locked, but in a post a few hours ago, Reddit admin Sporkicide refers to “a large group of accounts.” Reddit is working on establishing normal access conditions and affected users with an email address associated to the Reddit account should receive a notification to reset their password. However, access to Reddit is possible without a password, and Sporkicide says that users falling in this category should try the login page until they are able to gain access again; this does not mean, though, that you should constantly refresh the page until access is permitted. Another way to receive the notification is if you have added an email address to any support ticket you sent in. A user stated they received the password notification below after initially being delivered a note informing that their account had been permanently suspended for breaking the rules. He claims he had done nothing wrong to get the suspension. “It may be a little while before you receive your notice, but please be patient. There’s no need to file additional support tickets or send messages to the admins at this time,” Sporkicide says. At the moment, some users have regained access to their Reddit account, but others are still waiting for the password reset notification. Sporkicide urges users to choose strong, unique passwords and encourages adding a valid email address to the account and turning on two-factor authentication (2FA) protection. The recommendation from Reddit’s security team is to use at least 12 characters for the password, or, better yet, a short sentence. Source
  6. Users of credit monitoring site Credit Karma have complained that they were served other people’s account information when they logged in. Many took to a Reddit thread and complained on Twitter about the apparent security lapse. “First time logging in it gave me my information, but as soon as I refreshed the screen, it gave me someone else’s info,” said one Reddit user. “Refreshed again and bam! someone else’s info — it’s like roulette.” Another user said they logged in and out several times and each time they had “full access to a different random person’s credit file,” they said. One user told TechCrunch that after they were served another person’s full credit report, they messaged the user on LinkedIn “to let him know his data was compromised.” Another user told us this: The reports are split into two sections: Credit Factors — things like number of accounts, inquiries, utilization; and Credit Reports — personal information like name, address, etc.. The Credit Reports section was my own information, but the Credit Factors section definitely wasn’t. It listed four credit card accounts (I have more like 20 on my report), a missed payment (I’m 100% on time with payments), a Honda auto loan (never had one with Honda), student loan financing (mine are paid off and too old to appear on my report), and cards with an issuer that I have no relationship with (Discover). Several screenshots seen by TechCrunch show other people’s accounts, including details about their credit card accounts and their current balance. Another user who was affected said they could read another person’s Credit Factors — including derogatory credit marks — but that the Credit Report tab with that user’s personal information, like names and addresses, was blank. One user said that the login page was pulled offline for a brief period. “We’ll be right back,” the login page read instead. Credit Karma spokesperson Emily Donohue denied there was a data breach, but when asked would not say how many customers were affected. “What our members experienced this morning was a technical malfunction that has now been fixed. There is no evidence of a data breach,” the statement said. The company didn’t say for how long customers were experiencing issues. Credit Karma offers customers free credit score monitoring and reports. The company allows users to check their scores against several major credit agencies, including Equifax, which last month was fined at least $575 million for a 2017 data breach. Source
  7. Firefox Multi-Account Containers introduces sync functionality Mozilla published the Firefox Multi-Account Containers add-on for the Firefox web browser in 2017. The extension introduces options to separate websites by loading them into containers which act independent from one another. Site data, such as the browsing cache or cookies, is restricted to the container the site is loaded in. Other features of Firefox, e.g. bookmarks or extensions, work in all Containers. The functionality may be used to sign-in to multiple accounts on the same site, limit tracking, or separate different browsing tasks, e.g. for work and home, from one another. Several extension developers created add-ons that extend or improve the Containers functionality of the web browser. Containers with Transitions supersedes Mozilla's extension. It introduces a rules-based system to define how sites opened from within a container are opened in the browser. There are also specific container extensions for YouTube, Facebook and Google that limit activity on these sites to specific containers, and the Temporary Containers extension to use temporary containers that delete automatically. Firefox Multi-Account Containers 6.2 The latest version of Firefox Multi-Account Containers introduces support for a long-request feature. It is now possible to sync container data between different devices using Firefox Sync. A click on the extension's icon in the Firefox main toolbar should display a panel that highlights the new feature. You may enable syncing right away with a click on "start syncing" to sync containers and data between devices. Mozilla notes the following on the official company blog: The new sync feature will align Multi-Account Containers on different computers. The add-on carries over Container names, colors, icons, and site assignments on to any other machines with the same Firefox account. Syncing requires a Firefox Account and that you are signed in to the account in the Firefox web browser. Closing Words Firefox users who use the Containers extension and Firefox Sync will find the new sync functionality useful as it keeps Containers data in sync between devices. Landing Page: https://addons.mozilla.org/firefox/addon/multi-account-containers/ Source: Firefox Multi-Account Containers introduces sync functionality (gHacks - Martin Brinkmann)
×
×
  • Create New...