Security Alerts & News
by Tymoteusz A. Góral

History
#1283 Dota 2 forum breach leaks 2 million user accounts
A hacker has taken off with almost two million accounts associated with the forum for popular online multiplayer game, Dota 2.

The hack was carried out last month on July 10. The copy of the leaked database was provided to breach notification site LeakedSource.com, which allows users to search their usernames and email addresses in a wealth of stolen and hacked data.

The hacker took advantage of an SQL injection vulnerability used by the older vBulletin forum software, which powers the community.

That allowed them to access the database of limited user data, such as username, email, IP address of the user.

The data also includes the user's hashed password -- which uses the MD5 algorithm, which is widely considered insecure by today's standards, alongside the salt, used to scramble the password further. A member of the LeakedSource group told me that 1.54 million of the passwords -- or about 80 percent -- have already been unscrambled using rudimentary and run-of-the-mill cracking tools.
Read more
#1286 Researchers crack Microsoft feature, say encryption backdoors similarly crackable
#1285 Serious TCP bug in Linux systems allows traffic hijacking
#1284 Windows 10 attack surface grows with Linux support in anniversary update
#1283 Dota 2 forum breach leaks 2 million user accounts
#1282 Microsoft Patch Tuesday – August 2016
#1281 Windows PDF library flaw puts Edge users at risk for RCE
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12