M2G Posted June 6, 2012 Report Share Posted June 6, 2012 Already in the spotlight over concerns that its iOS app collects full meeting notes and details from a device’s calendar and sends them back to the company in plain text, LinkedIn user accounts are now said to have been compromised, with 6.5 million hashed and encrypted passwords reportedly leaked.Norweigan IT webite Dagens IT reported the breach, with 6.5 million encrypted passwords posted to a Russian hacker site. Security researcher Per Thorsheim has also confirmed reports via his Twitter feed, stating that the attackers have posted the encrypted passwords to request help cracking them.Finnish security firm CERT-FI is warning that whilst user details have not been posted, it is believed that the attackers will have access to user data as well as their passwords.What should you do? For starters, change your password.LinkedIn hasn’t responded to reports at the time of writing, so the breach is yet to be confirmed. However, over 300,000 passwords are said to have been decrypted, and more are being cracked as we write this. We suggest you employ good security practises and amend yours, regardless of whether you have been affected or not.LinkedIn is home to more than 150 million users, suggesting the breach is limited to less than 10% of the professional social network’s userbase, but it will still affect a huge number of users.The unsalted hashes use SHA-1 encryption, and while it is somewhat secure, it can still be cracked if the user employs a simple dictionary password.Earlier today we reported that the LinkedIn iOS app collects full meeting notes and details from your device’s calendar and sends them back to the company in plain text.The information is gathered without explicit permission by a feature that allows users to access their calendar within the app. LinkedIn has took the time to formulate an official response, noting that a new version of the app it on its way.It also provided a list of what it does and doesn’t do with your data.Sursa Quote Link to comment Share on other sites More sharing options...
drealecs Posted June 6, 2012 Report Share Posted June 6, 2012 (edited) de unde downloadam sa ne cautam parola in lista?gasit: https://disk.yandex.net/disk/public/?hash=pCAcIfV7wxXCL/YPhObEEH5u5PKPlp+muGtgOEptAS4=A mea nu e in lista. nici macar ca si terminatie ca unele incep cu 00000.Ar putea sa fie doar un zvon prost sau doar un fisier prost gasit. Edited June 6, 2012 by drealecs Quote Link to comment Share on other sites More sharing options...
alien Posted June 6, 2012 Report Share Posted June 6, 2012 (edited) @drealecs: nici eu nu mi-am gasit-o in lista aiaLE: o lista cu parole decriptate aici: http://www.mediafire.com/?bq8bd5iojp50zci Edited June 6, 2012 by alien Quote Link to comment Share on other sites More sharing options...
