Adobe has revealed that apparently a password database from connectusers.com was compromised via a SQL injection attack.[1] Ars Technica reports that the passwords were hashed using MD5 (not clear whether they were salted or not).[2] Do we really need to remind you what constitutes a strong password and not to reuse them? Some previous password diaries that might be of interest: Potential leak of 6.5+ million LinkedIn password hashes Critical Control 11: Account Monitoring and Control Theoretical and Practical Password Entropy An Impromptu Lesson on Passwords Password Rules: Change them every 25 years (or when you know the target has been compromised) References:
--------------- |
Jim 419 Posts ISC Handler Nov 15th 2012 |
Thread locked Subscribe |
Nov 15th 2012 8 years ago |
That might well explain the large number of messages claiming to be from LinkedIn which have evil attachments/links.
|
KBR 63 Posts |
Quote |
Nov 15th 2012 8 years ago |
Looks like they weren't salted. What year is this again? FAIL!
http://nakedsecurity.sophos.com/2012/11/15/cracked-passwords-from-alleged-egyptian-hacker-adobe-breachegyptian-hacker-allegedly-breached-adobe-leaked/ |
KBR 1 Posts |
Quote |
Nov 15th 2012 8 years ago |
If a month goes by without a password dump being posted online, THEN it'll be news.
|
No Love. 37 Posts |
Quote |
Nov 19th 2012 8 years ago |
Sign Up for Free or Log In to start participating in the conversation!