HaveIBeenPwned.com – Computer Security Articles

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

March 22, 2024 admin A Little Sunshine, dimitiri shelest, Firefox, firefox monitor, haveibeenpwned, HaveIBeenPwned.com, Mozilla Foundation, mozilla monitor, Ne'er-Do-Well News, nuwber, onerep, Spamit, Troy Hunt, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 22 Mar 2024 19:02:41 +0000

The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep’s CEO to admit that he has founded dozens of people-search networks over the years.

Independent Krebs

The Security Pros and Cons of Using Email Aliases

August 10, 2022 admin A Little Sunshine, alex holden, allekabels, data breaches, email alias, HaveIBeenPwned.com, Hold Security, rtl nieuws, Security Tools, Troy Hunt

Credit to Author: BrianKrebs| Date: Wed, 10 Aug 2022 15:10:59 +0000

One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a “+” character after the username portion of your email address — followed by a notation specific to the site you’re signing up at — lets you create an infinite number of unique email addresses tied to the same account. Aliases can help users detect breaches and fight spam. But not all websites allow aliases, and they can complicate account recovery. Here’s a look at the pros and cons of adopting a unique alias for each website.

Independent Krebs

773M Password ‘Megabreach’ is Years Old

January 17, 2019 admin A Little Sunshine, alex holden, Breadcrumbs, HaveIBeenPwned.com, Hold Security, Mega.nz, Ne'er-Do-Well News, Sanixer, Troy Hunt

Credit to Author: BrianKrebs| Date: Thu, 17 Jan 2019 20:11:08 +0000

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessly dubbed it “the largest collection ever of breached data found.” But in an interview with the apparent seller, KrebsOnSecurity learned that it is not even close to the largest gathering of stolen data, and that it is at least two to three years old.

Independent Krebs

A Breach, or Just a Forced Password Reset?

December 4, 2018 admin A Little Sunshine, Aite Group, auth0, Citrix, HaveIBeenPwned.com, Jamie Buranich, Julie Conroy, Okta, ShareFile, Troy Hunt

Credit to Author: BrianKrebs| Date: Tue, 04 Dec 2018 21:45:51 +0000

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefile users interpreted this as a breach at Citrix and/or Sharefile, but the company maintains that’s not the case. Here’s a closer look at what happened, and some ideas about how to avoid a repeat of this scenario going forward.

Independent Krebs

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

January 15, 2018 admin abusewithus, Breachalarm, Dutch National Police, FBI, HaveIBeenPwned.com, Jordan Evan Bloom, Leakedsource.com, Ne'er-Do-Well News, Project Adoration, RCMP, Royal Canadian Mounted Police

Credit to Author: BrianKrebs| Date: Mon, 15 Jan 2018 16:44:47 +0000

Canadian authorities have arrested and charged a 27-year-old Ontario man for allegedly selling billions of stolen passwords online through the now-defunct service Leakedsource.com.

Independent Krebs

Hacked Password Service Leakbase Goes Dark

December 3, 2017 admin A Little Sunshine, CFAA, Cybersecurity Law Institute, data breaches, hansa, HaveIBeenPwned.com, leakbase, Money Team, Ne'er-Do-Well News, Orin Kerr, Troy Hunt, x4b hack

Credit to Author: BrianKrebs| Date: Mon, 04 Dec 2017 05:39:53 +0000

Leakbase, a Web site that indexed and sold access to billions of usernames and passwords stolen in some of the world largest data breaches, has closed up shop. A source close to the matter says the service was taken down in a law enforcement sting that may be tied to the Dutch police raid of the Hansa dark web market earlier this year.

Independent Krebs

Who Ran Leakedsource.com?

February 15, 2017 admin 231-343-0295, 68.41.238.208, abusewithus, abusing.rs, Alex Davros, Alexander Marcus Davros, Blackshades, Breachalarm, cyberpay.info, daily-streaming.com, desi parker, DomainTools.com, eadeh_andrew@yahoo.com, Farsight Security, FBI, HaveIBeenPwned.com, hyperfilter.com, imjeremeywade@gmail.com, Jeremy Wade, LeakedSource, leakedsource@chatme.im, leakedsourceonline@gmail.com, Nick Davros, no-ip.biz, Other, panic-stresser, Paypal, Runescape, Secure Gaming LLC, tiny-chats.com, xdavros@gmail.com, xerx3s, xerx3s@chatme.im

Credit to Author: BrianKrebs| Date: Wed, 15 Feb 2017 18:03:06 +0000

Late last month, multiple news outlets reported that unspecified law enforcement officials had seized the servers for Leakedsource.com, perhaps the largest online collection of usernames and passwords leaked or stolen in some of the worst data breaches — including billions of credentials for accounts at top sites like LinkedIn, Myspace, and Yahoo. In a development that may turn out to be deeply ironic, it seems that the real-life identity of Leakedsource’s principal owner may have been exposed by many of the same stolen databases he’s been peddling.