Computer Thread

[BarnBuster]

I've used Docusign for my auto insurance forms so...

Krebs on Security has posted a new item.

DocuSign, a major provider of electronic signature technology, acknowledged
today that a series of recent malware phishing attacks targeting its customers
and users was the result of a data breach at one of its computer systems. The
company stresses that the data stolen was limited to customer and user email
addresses, but the incident is especially dangerous because it allows attackers
to target users who may already be expecting to click on links in emails from
DocuSign.

https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/

 

[BarnBuster]

https://haveibeenpwned.com/

I may have posted this site before, they will/can notify you if your email address(s) show up. I ran this today to show you what appears on my 20 yr old email address

Breaches you were pwned in
A "breach" is an incident where a site's data has been illegally accessed by hackers and then released publicly. Review the types of data that were compromised (email addresses, passwords, credit cards etc.) and take appropriate action, such as changing passwords.

Dropbox: In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).

Compromised data: Email addresses, Passwords
______________________________________________________________________________
Exploit.In (unverified): In late 2016, a huge list of email address and password pairs appeared in a "combo list" referred to as "Exploit.In". The list contained 593 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for "credential stuffing", that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read Password reuse, credential stuffing and another billion records in Have I been pwned.

Compromised data: Email addresses, Passwords

LinkedIn: In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.

Compromised data: Email addresses, Passwords

QuinStreet: In approximately late 2015, the maker of "performance marketing products" QuinStreet had a number of their online assets compromised. The attack impacted 28 separate sites, predominantly technology forums such as flashkit.com, codeguru.com and webdeveloper.com (view a full list of sites). QuinStreet advised that impacted users have been notified and passwords reset. The data contained details on over 4.9 million people and included email addresses, dates of birth and salted MD5 hashes.

Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames, Website activity
__________________________________________________________________________
River City Media Spam List (spam list): In January 2017, a massive trove of data from River City Media was found exposed online. The data was found to contain almost 1.4 billion records including email and IP addresses, names and physical addresses, all of which was used as part of an enormous spam operation. Once de-duplicated, there were 393 million unique email addresses within the exposed data.

Compromised data: Email addresses, IP addresses, Names, Physical addresses

Stratfor: In December 2011, "Anonymous" attacked the global intelligence company known as "Stratfor" and consequently disclosed a veritable treasure trove of data including hundreds of gigabytes of email and tens of thousands of credit card details which were promptly used by the attackers to make charitable donations (among other uses). The breach also included 860,000 user accounts complete with email address, time zone, some internal system data and MD5 hashed passwords with no salt.

Compromised data: Credit cards, Email addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames

 

[zoic]

That is a very cool website, but after playing on it a while I have to question the validity. The reason it is suspect to me is that my yahoo account has never been pwned in spite of the well know breach in 2012. Also my spam address was the one I expected to see many breaches, but there were none. Very cool site though, I still have about 20 more e-mail addresses to check. Thanks BB

 

[BarnBuster]

That is a very cool website, but after playing on it a while I have to question the validity. The reason it is suspect to me is that my yahoo account has never been pwned in spite of the well know breach in 2012.

IKR? i thought that also but i've only read good stuff about the site and owner Troy Hunt. i have noticed more spam this year (coincidently after the Jan 2017 breach) so who knows?

https://en.wikipedia.org/wiki/Have_I_Been_Pwned?

 

[zoic]

Been playing more and I noticed if you type in a bogus address is does not tell you it is bogus, just says it is OK. LOL.
Either way, it was fun checking so many e-mail addresses.

 

[Cx2H]

Been playing more and I noticed if you type in a bogus address is does not tell you it is bogus, just says it is OK. LOL.
Either way, it was fun checking so many e-mail addresses.

Greetings, is there any paid service options on this site? BSaaS?
<!-- Bull Sheet as a Service-->

Want to find your emails?
Use dog pile search engine.

Check:
Paste bin
Ghost bin

 

[zoic]

Heck no, I do not want to find any of my emails. I read them, delete them, they are gone. I was just bored again and it was mildly amusing. You seem to have a lot of good info to pass on, please keep it up and thanks. Which Linux distro do you run?

 

[Cx2H]

Heck no, I do not want to find any of my emails. I read them, delete them, they are gone. I was just bored again and it was mildly amusing. You seem to have a lot of good info to pass on, please keep it up and thanks. Which Linux distro do you run?

Thanks,
I like Debian based distros now days.

 

[zoic]

Debian for sure, there are so many good choices out there. After Lindows/Linspire/Xandros became vaporware, I settle into Mepis. Never much cared for Ubuntu, kind of ugly and too many hoops to run as root.

 

[curious2garden]

I repaired the superdrive in my 27" imac and cleaned the screen! Who knew it was that bright and clear ::cough::

 

[Cx2H]

Debian for sure, there are so many good choices out there. After Lindows/Linspire/Xandros became vaporware, I settle into Mepis. Never much cared for Ubuntu, kind of ugly and too many hoops to run as root.

Just needed to su or go into config files. Root gets people in trouble though.

Never liked Ubuntu too much although it is easy to work with If you came up on Windows, was too bloated and slow.

I used to compile custom ISO's based off Kali and cyborg hawk. Arch was a little to bleek for me.

Slackware was cool, but was a pain to sync. RH was my first Linux . I came up on Unix though.

#Random

 

[curious2garden]

Never liked Ubuntu too much although it is easy to work with If you came up on Windows, was too bloated and slow.

I used to compile custom ISO's based off Kali and cyborg hawk. Arch was a little to bleek for me.

Slackware was cool, but was a pain to sync. RH was my first Linux . I came up on Unix though.

#Random

Minix was mine, then Redhat 5.2 during grad school. Loved fooling with the Minix kernel. I dislike Ubuntu.

 

[zoic]

Yep, I do not like Ubuntu either nor Redhat 5.2 and 7.3. I had the original Corel linux, loaded it and thought there has to be more to Linux. I was a Lindows insider so I had a fast track to every new ISO. My linux guru was running Slackware and Solaris for his work connection. I tried a boatload of different distros and built/sold about 30 linux PC's, most to the over 50 crowd that were sick of Windows viruses. Minix rings a bell, but there were so many it is a bit of a blur now.

With a 10 minute install on my 3rd or 4th extra PC, running as root was only as dangerous as having to reinstall. I am somewhat forward thinking so it never bit me in the ass. Obviously I would be bad to run a server as root.

 

[curious2garden]

Yep, I do not like Ubuntu either nor Redhat 5.2 and 7.3. I had the original Corel linux, loaded it and thought there has to be more to Linux. I was a Lindows insider so I had a fast track to every new ISO. My linux guru was running Slackware and Solaris for his work connection. I tried a boatload of different distros and built/sold about 30 linux PC's, most to the over 50 crowd that were sick of Windows viruses. Minix rings a bell, but there were so many it is a bit of a blur now.

With a 10 minute install on my 3rd or 4th extra PC, running as root was only as dangerous as having to reinstall. I am somewhat forward thinking so it never bit me in the ass. Obviously I would be bad to run a server as root.

Minix was what Linus Torvalds created the Linux kernel from.

 

[zoic]

Thanks and I knew that. I spent many hours reading his info and adventures, like getting attacked by a penguin. I was cutting my teeth on a turnkey system (Lindows). I wanted to try Minix and Solaris but I just never managed to get there. I wasted far too much time trying so many distros and not enough on the inner workings. Now with my health decline I just cannot seem to get invested in it anymore.

 

[curious2garden]

Thanks and I knew that. I spent many hours reading his info and adventures, like getting attacked by a penguin. I was cutting my teeth on a turnkey system (Lindows). I wanted to try Minix and Solaris but I just never managed to get there. I wasted far too much time trying so many distros and not enough on the inner workings. Now with my health decline I just cannot seem to get invested in it anymore.

I completely understand. Tannenbaum was the author of my OS textbook. That was how I ended up involved with Minix. One company I worked for ran Solaris and my 11 servers were all Solaris based so I had that opportunity LOL. I tried to convince them to move to Linux. It was a huge cost savings. They moved to Windows, between that and a couple other poor decisions I left. I had zero interest in running a Windows server farm, life's to short. I liked BSD a lot too. As my health declined I finally retired as well!

 

[zoic]

WTF, why would they move from Solaris to Windows? Was security inconsequential?
I did try BSD one time but it was when I was very green, so it was too much for me at that time. Since I am so bored lately and I kept a few PC's from my business, I have been toying with the idea of a Linux revival. Just putting BSD out there has suddenly spurred my interest. Kind of like dealing with unfinished business.

 

[curious2garden]

WTF, why would they move from Solaris to Windows? Was security inconsequential?
I did try BSD one time but it was when I was very green, so it was too much for me at that time. Since I am so bored lately and I kept a few PC's from my business, I have been toying with the idea of a Linux revival. Just putting BSD out there has suddenly spurred my interest. Kind of like dealing with unfinished business.

They were listening to the 19 y/o with the skateboard instead of the CTO with the Ph.D. The same kid whose code everyone had to constantly correct, who never showed up on time and got caught smoking marijuana at his desk, HIS DESK! Which would not have bothered me if he could fuckin' code.

 

[Chunky Stool]

They were listening to the 19 y/o with the skateboard instead of the CTO with the Ph.D. The same kid whose code everyone had to constantly correct, who never showed up on time and got caught smoking marijuana at his desk, HIS DESK! Which would not have bothered me if he could fuckin' code.

It's amazing what you can get away with if you can fuckin' code...
When I worked in hell (microsoft), one of our most talented programmers liked to come to work in skull pants (looked more like pajamas) and was known for putting his nasty bare feet up on the table during meetings.
I smoked weed with him on several occasions. His "evil movie" parties were epic! (Ever seen 'Meet the Feebles'?)

 

[neosapien]

Y'all MFers hating on Ubuntu! Naw, I get it. When they switched to Unity a few releases back, I fucking hated it. So fucking bubble gummy. Luckily I found a desktop environment called Mate and really like it. I'm a straight up end user though. I first started with Fedora Core something something about 10 years ago. I liked it but seemed as though Ubuntu had better community support and not knowing anything about computers, I needed all the help I could get. Also liked apt over yum or whatever it was then. I tried several live cds around that time but settled with Ubuntu. I was real into Beryl and compiz and all the desktop candy at the time and it blew my mind and Ubuntu seemed to be a little more stable with that stuff. Fun talk. Here's my current desktop....