Posts Tagged with "security"

HipChat was attacked, some data may have been leaked

Posted by Stanislav Furman on April 24, 2017

On Monday April 24, 2017 the HipChat Security team has advised their users that there was a security incident detected which affected a server in the HipChat Cloud. The incident lead to a leak of some account information such as names, email addresses and hashed passwords. For a small number of instances (less than 0.05% according to HipChat), messages and content in rooms may have been accessed too. 

HipChat automatically reset user passwords for those accouts that they believe were affected and some users were asked to update their passwords manually.

In their statement the HipChat team assured that no other of Atlassian services were affected:

Continue reading

Worst passwords ever

Posted by Stanislav Furman on February 15, 2017

In 2016-2017 pretty much all media were talking about hacking that happened during the US presidential campaign (did it actually happened or not - that's a different story). You can see many articles in the Internet and in paper books about how it is important to have a strong password. Seems like everybody should know this now. However, security professionals regularly meet passwords that are ridiculously unsafe.

Guys from Keeper Security, authors of the Keeper Password Manager, have compiled a list of the most commonly used passwords involved in data breaches in 2016. According to this blog post, these unsafe passwords are using in about 50% of 10 million password that were analyzed! Mostly, there are no surprises. People still use passwords like "password", "123456", "qwerty", etc.  Nevertheless, there are some interesting examples such as  “18atcskd2w” and “3rjs1la7qe”. Those passwords seem relatively strong, right? It seems like those passwords were created by bots for spam or flood activities and those passwords were used over and over in different sites.

Continue reading

Spam with animated email subject

Posted by Stanislav Furman on January 23, 2015

Yesterday received into my Gmail inbox a couple of SPAM messages with animated email subject! Didn't it's possible, have never seen it before...

From very first look it seems like a big secirity whole in gmail!

Interesting...


Russian hackers steal 1.2 billion user credentials. Is this true?

Posted by Stanislav Furman on August 6, 2014

News agencies reported yesterday and today that a group of Russian hackers has stolen a huge number (1.2 billion!) of usernames and passwords using a botnet. This is apparently could be the largest collection of stolen user credentials in the history (if this fact is actually truth).

According to the news, the theft was discovered by an american security company called Hold Security. They did not disclose exactly what web sites have been attacked, but it was mentioned that it is a number of websites from small to big ones.

I am scratching my head trying to understand two things: 1) How did they discover this theft? 2) How do they know that it was Russian group of hackers?

Continue reading

Securing a directory with 777 or 775 permissions

Posted by Stanislav Furman on July 6, 2014

If in your project you have a publicly accessible directory that has full permissions (777), then it may cause serious security issues. An attacker may put an executable script or binary on your host and then run it remotely. This is a major security whole and it may lead to major problems if someone decides to attack your website.

However, sometimes on some shared webhosting servers you need have a folder that has risky 777 permissions (or, if possible, 775 which is a little bit better). As an example you can consider a folder where website users can upload their photos or images. In this case it opens a security whole for potential attackers. But, there are a few techniques that can help you to keep your website safe.

Continue reading

Ebay asks its users to change passwords

Posted by Stanislav Furman on May 21, 2014
Security alert! Ebay asks its users to change their passwords.

IE users risk having their computers hacked and taken over

Posted by Stanislav Furman on April 28, 2014

pic_ie128.jpg

There is a major security whole affecting several versions of Internet Explorer has been discovered recently. 

Microsoft has announced that Internet Explorer versions from IE6 to IE11 are all vulnerable to a glitch that could be used by hackers to get remote access to a victim’s PC.

"On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs." , - Microsoft stated in their official press release.

According to W3Schools web browser usage stats this security issue may affect on 1 from 10 Internet users.


Unix shell commands to detect a DDoS attack and its source

Posted by Stanislav Furman on April 25, 2014

5 unix shell commands to detect a DDoS attack

Hello Coders!

In this article I'd like to show you a few handy Unix shell commands that would help you to detect if your server is (was) under DDoS/DoS attack. However, keep in mind, that protection from DDoS attacks is quite complex and if you are dealing with a massive DDoS attack, you would need to contact your IPS or Hosting Provider (i.e. 1&1) for assistance. 

So. What do we work with? We can do some analysis based on your Apache access log data. Assuming you have a standard Apache access log, and you are running your website on Unix. Let's now get the total number of requests per day:

## Get number of requests per day:


awk '{print $4}' access.log | cut -d: -f1 | uniq -c

This will display you a list the total number of HTTP requests per day. See if you have any unusual increses comparing to other days. Now see the total number of requests per hour for a specific date (April 25th in this example):

Continue reading

This password is already in use. Old school security fail.

Posted by Stanislav Furman on April 23, 2014

Believe you or not but such fails have been seen! :)

Hopefully, these days you won't see such a message anywhere. LOL

 


What Is the Heartbleed Encryption Bug?

Posted by Stanislav Furman on April 11, 2014