Security Alerts & News
by Tymoteusz A. Góral

History
#2247 Hipchat resets user passwords after possible breach
HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information.

In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com.

HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat "salted" each password with a random value before hashing it.
Read more
#2256 iCloud support scams
#2255 Healthcare CERT warns about ‘Mole’ ransomware – what you need to know
#2254 Facebook tracks scary-specific details about your life. Here’s how to find what it knows
#2253 Linux Shishiga malware using LUA scripts
#2252 Cyberespionage, ransomware big gainers in new Verizon breach report
#2251 More LastPass flaws: researcher pokes holes in 2FA
#2250 FalseGuide malware victim count jumps to 2 million
#2249 UK man gets two years in jail for running ‘Titanium Stresser’ attack-for-hire service
#2248 How free hacking tools on the web could be leading kids into cybercrime
#2247 Hipchat resets user passwords after possible breach
#2246 Pawn storm abuses open authentication in advanced social engineering attacks
#2245 Webroot 'mistakenly' flags Windows as malware and Facebook as phishing site
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12