HackDig : Dig high-quality web security articles for hackers

Taringa Data Breach, over 28 Million users affected

The data breach notification website LeakBase reported to the colleagues at THN the Taringa data breach, over 28 Million users’ data exposed. Taringa, also known as ‘The Latin American Reddit’, is a popular social network used by netizens in Latin America to create and share thousands of posts every day on general interest topics. The dat
Publish At:2017-09-04 16:05 | Read:3556 | Comments:0 | Tags:Breaking News Data Breach Hacking Social Networks cracking p

CynoSure Prime ‘cracktivists’ exposed 320 Million hashed passwords

The anonymous CynoSure Prime ‘cracktivists” reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. The anonymous CynoSure Prime ‘cracktivists” is back and reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. Two years ago the CynoSure Prime group reversed hashes of 11 million lea
Publish At:2017-09-04 13:00 | Read:4133 | Comments:0 | Tags:Breaking News Data Breach Hacking authentication cracking pa

How LinkedIn’s password sloppiness hurts us all

Jeremi M Gosney (@jmgosney) is a world-renowned password cracker and security expert. He is the Founder & CEO of the password-cracking firm Sagitta HPC, and a member of the Hashcat development team. Jeremi also helps run the Security BSides Las Vegas, Hushcon, and PasswordsCon conferences. Me: "The full dump from the 2012 LinkedIn breach just droppe
Publish At:2016-06-01 23:40 | Read:4482 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Cracking Data

Cluster of “megabreaches” compromises a whopping 642 million passwords

Less than two weeks after more than 177 million LinkedIn user passwords surfaced, security researchers have discovered three more breaches involving MySpace, Tumblr, and dating website Fling that all told bring the total number of compromised accounts to more than 642 million."Any one of these 4 I'm going to talk about on their own would be notable, but to s
Publish At:2016-06-01 05:25 | Read:4449 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Cracking Data

If Microsoft is banning stupid passwords, why does it still allow “Pa$$w0rd1”?

As Microsoft pats itself on the back for its crackdown on easily cracked passwords, keep this in mind: a quick check shows users still have plenty of leeway to make poor choices. Like "Pa$$w0rd1" (excluding the quotation marks).As a Microsoft program manager announced earlier this week, the Microsoft Account Service used to log in to properties such as Xbox
Publish At:2016-05-26 21:40 | Read:3871 | Comments:0 | Tags:Risk Assessment Technology Lab Cracking google microsoft pas

SmarterMail Password Decryption Updates

Greetings and salutations! One of my faithful readers reminded me that one of my old programs I wrote no longer works. This is due to SmarterMail updating their source code and me not updating enough. So to fix this, I have come up with a half-ass solution. For those wondering how to decrypt SmarterMail hashes, here’s how: It’s DES encryption wi
Publish At:2016-05-24 21:50 | Read:8595 | Comments:0 | Tags:code cracking reversing cracking smartermail

CactusCon Reverse Engineering Spoilers

Challenge 1: –[—–>+—-.[—>+—-.+++[->+++++.++++++++.+++++.——–.-[—>+–.+[->++++.++++++++.–.+++++.——-.–.—-.–[—>+–.++++++. Answer: brainfuckingeasy Challenge 2 – “simple” xor crackme with a 55 character password. May make this a highe
Publish At:2016-05-24 21:50 | Read:5637 | Comments:0 | Tags:code cracking cactuscon

Why Tim Cook is right to call court-ordered iPhone hack a “backdoor”

Tuesday's court order compelling Apple to hack the iPhone belonging to a gunman who killed 14 people and injured 22 others has ignited an acrimonious debate. CEO Tim Cook called the order "chilling" because, he said, it requires company engineers to create the equivalent of a backdoor that could be used against any iPhone. Law enforcement officials, meanwhil
Publish At:2016-02-17 22:55 | Read:4393 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment backdoors Crack

Password cracking attacks on Bitcoin wallets net $103,000

Hackers have siphoned about $103,000 out of Bitcoin accounts that were protected with an alternative security measure, according to research that tracked six years' worth of transactions. Account-holders used easy-to-remember passwords to protect their accounts instead of the long cryptographic keys normally required.The heists were carried out against almos
Publish At:2016-02-15 16:35 | Read:3314 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab bitcoin brain

Ashley Madison passwords like “thisiswrong” tap cheaters’ guilt and denial

On Friday, members of the CynoSure Prime password-cracking collective published the top 100 mostly commonly used Ashley Madison passwords recovered so far. With top entries including 123456, 12345, and password, the list underscored that accounts on the site dedicated to people cheating on their romantic partners were no better than those on LinkedIn and mor
Publish At:2015-09-14 13:10 | Read:4404 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Ashley Madison

Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked

When the Ashley Madison hackers leaked close to 100 gigabytes' worth of sensitive documents belonging to the online dating service for people cheating on their romantic partners, there seemed to be one saving grace. User passwords were cryptographically protected using bcrypt, an algorithm so slow and computationally demanding it would literally take cen
Publish At:2015-09-10 21:15 | Read:4897 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Ashley Madison

Lessons learned from cracking 4,000 Ashley Madison passwords

Further Reading25-GPU cluster cracks every standard Windows password in <6 hoursAll your passwords are belong to us.When hackers released password data for more than 36 million Ashley Madison accounts last week, big-league cracking expert Jeremi Gosney didn't bother running them through one of his massive computer clusters built for the sole purpose o
Publish At:2015-08-27 05:30 | Read:4777 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Ashley Madison

New data uncovers the surprising predictability of Android lock patterns

The abundance of password leaks over the past decade has revealed some of the most commonly used—and consequently most vulnerable—passphrases, including "password", "p@$$w0rd", and "1234567". The large body of data has proven invaluable to whitehats and blackhats alike in identifying passwords that on their face may appear strong but can be cracked in a
Publish At:2015-08-20 15:10 | Read:5489 | Comments:0 | Tags:Gear & Gadgets Risk Assessment Technology Lab android lock p

Differential Cryptanalysis for Dummies

By Keith Makan @k3170makanRecently, I ventured into the crazy world of differentialcryptanalysis purely to find out what the heck it was all about. In this post,I hope to reassure you that this strange and rather cool technique is not asscary as it seems. Hopefully, you'll be attacking some ciphers of your own inno time!A differential cryptanalysis att
Publish At:2015-07-28 05:55 | Read:4860 | Comments:0 | Tags:cracking cryptanalysis crypto Cryptography encryption hackin

Password cracking experts decipher elusive Equation Group crypto hash

Unraveling a mystery that eluded the researchers analyzing the highly advanced Equation Group the world learned about Monday, password crackers have deciphered a cryptographic hash buried in one of the hacking crew's exploits. It's Arabic for "unregistered."Researchers for Moscow-based Kaspersky Lab spent more than two weeks trying to crack the MD5 hash
Publish At:2015-02-17 10:45 | Read:4317 | Comments:0 | Tags:Risk Assessment Technology Lab Cracking equation group hashe


Tag Cloud