Security Alerts & News
by Tymoteusz A. Góral

History
#1514 As we speak, teen social site is leaking millions of plaintext passwords
A social hangout website for teenage girls has sprung a leak that's exposing plaintext passwords protecting as many as 5.5 million user accounts. As this post went live, all attempts to get the leak plugged had failed.

Operators of i-Dressup didn't respond to messages sent by Ars informing them that a hacker has already downloaded more than 2.2 million of the improperly stored account credentials. The hacker said it took him about three weeks to obtain the cache and that there's nothing stopping him or others from downloading the entire database of slightly more than 5.5 million entries. The hacker said he acquired the e-mail addresses and passwords by using a SQL injection attack that exploited vulnerabilities in the i-Dressup website.
Read more
#1514 As we speak, teen social site is leaking millions of plaintext passwords
#1513 Sofacy APT targeting OSX machines with Komplex trojan
#1512 How Dropbox securely stores your passwords
#1511 Drupal patches multiple security flaws in core engine
#1510 MarsJoke ransomware mimics CTB-Locker
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12