Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: facebook, gmail and twitter accounts breached SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
facebook, gmail and twitter accounts breached

Spiderlabs published an interesting article on this the other day. http://blog.spiderlabs.com/2013/12/look-what-i-found-moar-pony.html

The list has now appeared on pastebin and is being sold for 0.05 bitcoins.  (last time I checked they made about $600 so far).  

If you haven't already you may want to start looking at the strong authentication options for some of these services. 

Mark H

 

Mark

391 Posts
ISC Handler
Here are links for those who do not know what to search for...

Duo Security Advances Two-Factor Authentication -- hxxps://www.hackdefendr.com/?p=378
- Duo is free for the regular user and offers enterprise class for businesses.
- Duo covers everything from websites, shell access, and email access

Google's 2-Step Verification -- hxxp://www.google.com/landing/2step/
Facebook's Login Approval -- hxxps://www.facebook.com/note.php?note_id=10150172618258920
Twitter's 2 Factor Login -- hxxps://blog.twitter.com/2013/getting-started-with-login-verification
LinkedIn's 2 Factor Login -- hxxp://blog.linkedin.com/2013/05/31/protecting-your-linkedin-account-with-two-step-verification/

J
HackDefendr

65 Posts
Can you provide the pastebin link? I'm searching but not finding them there. Thanks.
Steve

5 Posts
We're getting a number of requests regarding the data set. At this time Trustwave has not released nor will it release a complete set of the discovered data. Stay tuned for a post later today that will discuss what we will release and to whom. Any claim that any related information has been posted on Pastebin is false.

Per Spiderlabs Site. They aren't posting it to Pastebin..
Edward

8 Posts

Sign Up for Free or Log In to start participating in the conversation!