Posts Tagged with "news"

HipChat was attacked, some data may have been leaked

Posted by Stanislav Furman on April 23, 2017

On Monday, April 24, 2017, the HipChat Security team advised their users that a security incident had been detected which affected a server in the HipChat Cloud. The incident led to a leak of some account information such as names, email addresses and hashed passwords. For a small number of instances (less than 0.05% according to HipChat), messages and content in rooms may have been accessed too.

HipChat automatically reset user passwords for those accounts that they believe were affected, and some users were asked to update their passwords manually.

In their statement, the HipChat team gave assurance that no other Atlassian services were affected:

Continue reading

Worst passwords ever

Posted by Stanislav Furman on February 14, 2017

In 2016-2017 pretty much all media were talking about the hacking that happened during the US presidential campaign (whether it actually happened or not is a different story). You can find many articles on the Internet and in paper books about how important it is to have a strong password. It seems like everybody should know this by now. However, security professionals regularly come across passwords that are ridiculously unsafe.

The guys from Keeper Security, authors of the Keeper Password Manager, have compiled a list of the most commonly used passwords involved in data breaches in 2016. According to this blog post, these unsafe passwords are used in about 50% of the 10 million passwords that were analyzed! Mostly, there are no surprises. People still use passwords like "password", "123456", "qwerty", etc. Nevertheless, there are some interesting examples such as "18atcskd2w" and "3rjs1la7qe". Those passwords seem relatively strong, right? It seems like those passwords were created by bots for spam or flood activities and were used over and over on different sites.

Continue reading

GitLab has lost its database and realised they have no backups

Posted by Stanislav Furman on February 9, 2017

There was some interesting news at the end of January 2017.

On January 31st, 2017 GitLab accidentally deleted their production database (git repositories were not affected though).

What happened: for some reason, PostgreSQL replication started lagging. One of the GitLab employees tried to fix the problem by playing with different settings, but it did not help. Then, at some point, that employee decided to delete everything and rebuild the replica again. He (or she) tried to delete the folder with the replica data, but mixed up the servers and removed the folder on the master (rm -rf on db1.cluster.gitlab.com instead of db2.cluster.gitlab.com).

It might not have been as bad, but they realised they had no backups:

Continue reading

Russian hackers steal 1.2 billion user credentials. Is this true?

Posted by Stanislav Furman on August 6, 2014

News agencies reported yesterday and today that a group of Russian hackers has stolen a huge number (1.2 billion!) of usernames and passwords using a botnet. This could apparently be the largest collection of stolen user credentials in history (if this is actually true).

According to the news, the theft was discovered by an American security company called Hold Security. They did not disclose exactly which websites have been attacked, but it was mentioned that they include a number of websites, from small to big ones.

I am scratching my head trying to understand two things: 1) How did they discover this theft? 2) How do they know that it was a Russian group of hackers?

Continue reading

eBay asks its users to change passwords

Posted by Stanislav Furman on May 21, 2014

eBay Inc., the world's largest Internet auction site, just reported a successful hacking attack on its servers. Hackers gained access to the part of the eBay database where users' password hashes are stored. The company's specialists claimed that personal data and financial information remain inaccessible to hackers: that type of data is kept separate and well encrypted.

According to the preliminary investigation, the results of which were published on the corporate blog, the attack happened in late February / early March of this year. Hackers gained access to stored user names, password hashes, emails, home addresses and phone numbers, as well as dates of birth.

It's been reported that within the next 24 hours eBay users should receive an official notification with information about the attack and recommendations on how to reset the password on all eBay websites where the user has used the same password.


PHP NG, significant speed-up features coming in PHP 6

Posted by Stanislav Furman on May 15, 2014

Some exciting and promising upcoming changes in PHP 6 or 7 have been announced recently by Dmitry Stogov from Zend. A detailed article has been posted here: http://news.php.net/php.internals/73888

Briefly, Zend is working on PHP NG (next generation), which will bring better performance and better memory management. According to Dmitry, a PHP application typically spends a significant part of its execution time dealing with memory allocations, and that affects PHP performance significantly as well.

"I spent a significant amount of time experimenting with JIT, and even created a PoC of transparent LLVM based JIT compiler embedded into OPCache. The results on bench.php were just amazing – (0.219 seconds against 2.175 – *10 times speedup of PHP 5.5*), but on real-life apps we got just a few percent speedup," says Dmitry in his report.

According to his tests, PHP developers can gain up to 20% more requests per second (with WordPress, for example).

So far it looks like upgrading to PHP NG should be painless (that's the idea). However, some PHP extensions might require some "massage".

Looking forward to testing the new PHP 6. Or maybe 7? ;)


Huawei introduces the Ascend P7, its new flagship Android phone

Posted by Stanislav Furman on May 7, 2014

Huawei's Richard Yu introduces the Ascend P7 in Paris on May 7, 2014.

Today, May 7th 2014, Huawei launched its new Ascend P7, a new Android phone which will be their flagship.

The guys from Huawei are going to compete with Samsung and Apple in the smartphone market. According to the sources, the new smartphone will have a 5-inch 1,920x1,080 display, a 1.8GHz quad-core processor, a 13-megapixel rear-facing camera, an 8-megapixel front-facing camera, and 4G LTE networking. The device will have a trim thickness of 6.5mm.

The price for this new device will be around 430 USD according to Huawei Mobile Shop.

Currently, Huawei holds the third position in global smartphone market trends, and they seem to be growing pretty well. That's a good thing because, as we know, good competition is never bad for customers and their pockets. ;-)


Apple has iWatch already in production, report says

Posted by Stanislav Furman on April 30, 2014


According to China Times, Apple has already started production of the long-rumored wearable computer watch known as the iWatch.

Apple has never officially announced the characteristics of a new wearable device. However, the company's CEO Tim Cook hinted that it would not be similar to the "smart glasses" idea. According to media reports, the device will look like a bracelet of average width with a color touchscreen.

It's been said that the iWatch release was scheduled for the summer of 2014, so it is more likely that some of the components for the gadget are ready. The components are typical for various devices such as MP3 players. However, this information is not sufficient to predict the shape of the future gadget.


RIP Nokia? Microsoft renames Nokia to Microsoft Mobile

Posted by Stanislav Furman on April 21, 2014


There are a lot of sources saying that Microsoft will rename Nokia to Microsoft Mobile when the deal is closed. It is not officially confirmed yet, but it looks like it's going there.

Honestly, I don't get why they would make such a decision. Nokia is a world-wide known brand. A very good brand.

Anyhow, RIP Nokia. It's sad to see how good old brands die.



Next generation USB plug will finally be smaller and reversible

Posted by Stanislav Furman on December 5, 2013

Good news!

The USB 3.0 Promoter Group has announced that the development of the next generation of USB plug has begun. Nothing is designed yet, but in the near future we can expect a newly designed USB connector which will have the following key features:

  • Reversible. Yes! No worries about plug orientation any more!
  • Smaller size (comparable to MicroUSB)
  • Scalability of power charge. The new USB will adjust the needed power depending on the device.

It is not clear yet if the new connector will be compatible with existing USB 2.0, but I am sure there will be adapters on the market at least.
