Ramblings of an old Doc

 

On Neowin, Brad Sams has notified on some ugly news:

“Over two million passwords for Yahoo!, Facebook, Twitter, LinkedIn and others have been posted to the web after a botnet has infected thousands of machines and used a keylogger to obtain passwords. While this breach is not from any particular service, the botnet has clearly been running effectively for some time as it reportedly has over 2 million passwords, 300,000 of which are for Facebook accounts.”

So, if you suspect your account has been hacked, change passwords immediately. Also,

use the online scanners at Kaspersky (or elsewhere) and scan for keystroke loggers since that’s how these minions of the dark side worked their evil.


Comments (Page 2)
3 Pages1 2 3 
on Dec 05, 2013

LightStar


Quoting PoSmedley, reply 10

Quoting LightStar, reply 3the rest of them are garbage sites for children and I don't belong to them

Don't hold back. Tell us how you really feel.

In the meantime, I'll be changing the passwords on LinkedIn and those children sites I belong to.

Isn't Stardock and all of it's staff signed up with a few of those children's sites?

*EDIT - I tried but can't let it go.

You do realize that some of those childrens sites as you would call them are used by employees and members of Stardock and Wincustomize to often 'promote' the Master Skins you make, dontcha? I've even used FB and G+ to promote works of fellow skinners a few times, including work they do unrelated to WC. Just saying. 

I'm sure it looks like I am making a big deal of this, but the comment just seemed kind of heavy handed and not entirely thought out as much as just 'put out' there. If I'm wrong, I apologize.

 

Well, lets just say Po that I guess I should have clarified that. It's just that all I ever see with kids nowadays is them typing away on Facebook or other social sites and not doing anything constructive with their lives, even at the age of 18+. Social sites have totally taken away personal human interaction it seems, no one actually talks to anybody, they just type away.

Like my kids for the most part, rather than call me and ask me a question, they just text, and I find that rude and tell them so. It just seems to me that our society is getting sicker and sicker by the day, and social sites are just one of the contributors. I personally just don't find social sites to be useful in society at all, but that's just my opinion. Kids are even killing themselves after being ranted at on social sites... bullying, and it's sick.

If it is being used for business purposes, I suppose its OK though.

Sorry for any confusion.

 

LOL You do realize that this forum is a social community right? I mean it's not facebook or something _you_ would consider "children sites" but you are socializing with a group of people that are in a personal computing community. So what you mean is that you have nothing against internet socializing as long as it is you and the sites you like? Noted. thanks.

on Dec 05, 2013

on Dec 05, 2013

True, but I don't make it my life or live here, and my computer is not permanently on WC like some who make Facebook/Social sites their life.

 

Oh, and my quick response is only because someone else told me of your post.

 

(Goes back to skinning...)

on Dec 05, 2013

FB, Twitter, etc have their uses, but the amoumt of harm they are allowed to do effectively surpasses the 'benefits'.

They are poorly run and managed.

Heck...I recently thought I was doing the 'socially correct' thing and accepted a whole bunch of 'friend' requests only to discover I was subsequently 'restricted' from access for some form of 'trolling'....and all I did was click on 'yes' or 'ok' - whatever.

So...if anyone feels a NEED to be connected to me via FB....well tough titties...I'm only going to be approachable by genuine human beings....not naive childish users of junkware social media.

I can keep REAL friends without such rubbish....longest-lasting I have known now for 52 years....we went to Primary School together.

Too much damage is done by them....particularly bullying - [resulting in suicides] ... slander, libel and Identity theft.

Yes, so it's [mostly] the fault of who uses it.... but how many of you have heard of instances of Police interaction to have pages removed?

Community 'social' sites [forums] such as Stardock's ARE 'policed'....eg. if someone posts personal information that 'may' cause an issue [to them] it's simply deleted.

I think the next time I log into FB it will to change whatever settings there are in place to stop the email notifications of 'requests' or 'xxx wants you to view his latest photo of Fido' .

Anyone feeling a NEED to contact me....my actual email is on the 'about' page...

on Dec 05, 2013

Karma for  everyone!!!     

on Dec 07, 2013

You may also want to check out this site as well.

https://shouldichangemypassword.com/

I found this via the thread that this thread is linked to on Neowin. It turns out two of my email accounts were compromised. The dates listed for the attacks are around the time Adobe had it's little issue so I don't know which to blame but I went ahead and changed my passwords anyway.

on Dec 07, 2013

Thank you Po!  

on Dec 07, 2013

Keep in mind, even if you update/change your password, that site and the one linked will still tell you it has been compromised, so after changing passwords it won't give you accurate info.

 

Got this from Adobe (changed my password as soon as the hack was publicised):

Important Password Reset Information

As we announced on October 3, Adobe discovered sophisticated attacks on our network involving the illegal access and removal of a backup database containing Adobe IDs and encrypted passwords. We are writing to let you know that your Adobe ID was in the database taken by the attackers -- but, importantly, your current password was not . As a result, we did not reset your password. We have no reason to believe that your Adobe ID account is at risk or that there has been unauthorized activity on your account. The database taken by the attackers came from a backup system that contained many out-of-date records and was designated to be decommissioned. Adobe’s authentication system of record, which cryptographically hashes and salts customer passwords, was not the source of the database that was taken.

However, if you use your old passwords on any other websites, you should change those passwords. We also recommend that you follow password best practices to help ensure your current password is secure:

 

  • Don’t reuse passwords: Your password should be unique to your Adobe ID account. Don’t reuse a password you have previously used with your Adobe ID or a password you are using on any other website.
  • Make sure your password is difficult to guess: Your password should be at least eight (8) characters in length. It should contain a mix of different character sets, such as upper case letters (A-Z), lower case letters (a-z), digits (0-9), and special characters (# $ % & - _ { }). It should not use all or part of your name or your Adobe ID.

 

We deeply regret any inconvenience this may cause you. We value the trust of our customers and are working aggressively to prevent these types of events from occurring in the future. If you have questions, you can learn more by visiting our Customer Care page, which you will find here.

Adobe Customer Care

on Dec 07, 2013

I got a notification from Adobe yesterday about this very thing. I had already changed my email password and the one I use on FB. The others are for youtube, yes I know Google got their greedy fingers in it, but no personal info other than my email and the googler already has that. Besides I have zero personal info out there. Hackers probably hate me! Lol  

on Dec 07, 2013

Be careful with those Adobe alerts. Part of the issue was 'fake' emails being sent out that were/are very similar to the actual email Adobe has sent.

 

  • "Protect yourself against non-legitimate email “phishing” attempts: If you received an email requesting you to change your password, and you’re concerned whether it is legitimate, don't click any links in the email. Instead, type www.adobe.com/go/passwordreset into your browser to be sure."
on Dec 07, 2013

Po' is absolutely correct. 

So I dug this up for whoever's interested. Ten Tips for Spotting A Phishing email:

http://www.techrepublic.com/blog/10-things/10-tips-for-spotting-a-phishing-email/?tag=nl.e101&s_cid=e101&ttag=e101&ftag=TRE684d531

on Dec 07, 2013

Thank you Po and Seth! 

on Dec 09, 2013

Thank you Po, Seth.  Only one of my accounts was hacked.  Only once, way back in 2011.  Pw has been changed since then.  Will change it again.

on Dec 09, 2013

These days i could hardly tell what is a 'real' virus anymore, in this huge war against all this 'legitimate' crap mainstream software/internet companies keep trying to load onto my computer!

on Dec 10, 2013

Once the server I was using caught a bug. One of those bugs from a hole in apache or php, I don't remember which. Every index.* was changed to be on that said something along the line of "surprise, you've been hacked". I spent days fixing index pages and looking for malicious redirects. Not so fun. I always worry about Facebook and Twitter that they might be victim of a leak like that, and who the heck is Linkedin anyway? I got an account but I'm not sure why.

 

*bawl* I missed the karma.

3 Pages1 2 3