With a attack on the auction site eBay attackers gained access to the data of a total of 145 million users, a big part of the information was copied. With the attack a large amount of encrypted passwords were stolen.
According to eBay , it is not easy to decrypt the encrypted passwords, yet users were advised to change their password.
On the auction site some experts believe that the risk to users is bigger than eBay does occur. Michael Coates of Shape Security states that there is a high risk that the attackers do crack the stolen encrypted passwords. Namely business users would usually only apply for a change if there is a reasonable chance that the attackers encrypted passwords can retrieve their passwords. However, there are no indications that the data has actually been misused , according to eBay.
The attack, which was possible due to stolen credentials of employees. Took place in late February and early March, but was discovered in early May. Security experts and police were immediately alerted. The time between the discovery and disclosure would have been to determine the extent of the data theft. On the basis of the number of stolen data this is the second largest successful attack at an American company.
Apple has released 22 updates for Apple OSX – Safari to fix certain vulnerabilities in the browser. Through the vulnerability, an possible attacker could execute arbitrary code to gain access to the computer, there is also a problem fixed with the unicode characters.
All vulnerabilities are in the WebKit engine that Safari uses for rendering websites. Eight of the repaired leaks were discovered by Google that uses the WebKit for Chrome. Apple discovered five vulnerabilities, while a leak by both Apple and Google were found.
Safari 6.1.4 and Safari 7.0.4 are available for OS X Lion, Mountain Lion and Mavericks. Updating can be done via the Software Update feature or Apple.com.
Last year, 24 million computers using the Microsoft security were attacked by malware that steals all kinds of information from the computer. Only 5 million or less were actually affected by the attack and information was stolen.
The attack is related to the malware such as Gamarue, Dorkbot, Zbot, Banker, Bancos and Fareit for example to steal login information for online banking usernames and passwords for different websites, keys for signing digital codes and other data. If Microsoft Security Essentials or Windows Defender detected informational stealing malware on the computer of the victim, the software will prompt the user to change their passwords on the computer. Continue reading