  1. #151
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,843
    Warning! Over 900 Million Android Phones Vulnerable to New 'QuadRooter' Attack
    Sunday, August 07, 2016 Swati Khandelwal

    Android has Fallen! Yet another set of Android security vulnerabilities has been discovered in Qualcomm chipsets that affect more than 900 Million Android smartphones and tablets worldwide.

    What's even worse: Most of those affected Android devices will probably never be patched.

    Dubbed "Quadrooter," the set of four vulnerabilities discovered in devices running Android Marshmallow and earlier that ship with Qualcomm chip could allow an attacker to gain root-level access to any Qualcomm device.

    The chip, according to the latest statistics, is found in more than 900 Million Android tablets and smartphones.

    That's a very big number.

    The vulnerabilities have been disclosed by a team of Check Point researchers at the DEF CON 24 security conference in Las Vegas.

    Critical Quadrooter Vulnerabilities:

    The four security vulnerabilities are:

    CVE-2016-2503 discovered in Qualcomm's GPU driver and fixed in Google's Android Security Bulletin for July 2016.

    CVE-2016-2504 found in Qualcomm GPU driver and fixed in Google's Android Security Bulletin for August 2016.

    CVE-2016-2059 found in Qualcomm kernel module and fixed in April, though patch status is unknown.

    CVE-2016-5340 presented in Qualcomm GPU driver and fixed, but patch status unknown.

    Qualcomm is the world's leading designer of LTE (Long Term Evolution) chipsets with a 65% share of the LTE modem baseband market. If any one of the four flaws is exploited, an attacker can trigger privilege escalations for gaining root access to an affected device.

    All an attacker needs is to write a piece of malware and send it to the victim. When installed, the malware offers the attacker privilege escalation on the affected devices.
    According to the researchers, the attack can also be conducted through a malicious app. An attacker needs to trick a user into installing a malicious app that, unlike other malware, would execute without requiring any special permission checks.
    "Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing," Check Point researchers write in a blog post.

    If any of the four vulnerabilities are successfully exploited, an attacker could gain root access to an affected device, giving the attacker full access to the device, including its data, camera and microphone.

    List of Affected Devices (Popular)


    More than 900 Million Android devices that ship with Qualcomm chip are vulnerable to the flaws.
    Here's the list of some of the popular affected devices, though there are far more devices that are impacted by one or more Quadrooter vulnerabilities.

    Samsung Galaxy S7 and Samsung S7 Edge
    Sony Xperia Z Ultra
    OnePlus One, OnePlus 2 and OnePlus 3
    Google Nexus 5X, Nexus 6 and Nexus 6P
    Blackphone 1 and Blackphone 2
    HTC One, HTC M9 and HTC 10
    LG G4, LG G5, and LG V10
    New Moto X by Motorola
    BlackBerry Priv

    How to Check if Your Device is Vulnerable?

    You can check if your smartphone or tablet is vulnerable to Quadrooter attack using Check Point's free app.

    Since the vulnerable software drivers, which control communication between Qualcomm chipset components, come pre-installed on these devices at the time of manufacturing, they can only be fixed by installing a patch from the devices' distributors or carriers after receiving fixed driver packs from Qualcomm.
    "This situation highlights the inherent risks in the Android security model," the researchers say. "Critical security updates must pass through the entire supply chain before they can be made available to end users."

    Three of the four vulnerabilities have already been fixed in Google's latest set of monthly security updates, and a patch for the remaining flaw will be rolled out in the upcoming September update.

    Since Qualcomm has already released the code, the phone manufacturers could be able to issue patches to the individual devices as soon as possible.
    Android Nexus devices are already patched via the over-the-air updates, but other smartphone models will need to wait until their lazy phone manufacturers integrate the fixes into their own custom Android ROMs.

    Warning! Over 900 Million Android Phones Vulnerable to New 'QuadRooter' Attack

  2. #152
    Thailand Expat harrybarracuda's Avatar
    Microsoft August Security Bulletin

    8/9/2016 MS16-103 3182332 Security Update for ActiveSyncProvider Important
    8/9/2016 MS16-102 3182248 Security Update for Microsoft Windows PDF Library Critical
    8/9/2016 MS16-101 3178465 Security Update for Windows Authentication Methods Important
    8/9/2016 MS16-100 3179577 Security Update for Secure Boot Important
    8/9/2016 MS16-099 3177451 Security Update for Microsoft Office Critical
    8/9/2016 MS16-098 3178466 Security Update for Windows Kernel-Mode Drivers Important
    8/9/2016 MS16-097 3177393 Security Update for Microsoft Graphics Component Critical
    8/9/2016 MS16-096 3177358 Cumulative Security Update for Microsoft Edge Critical
    8/9/2016 MS16-095 3177356 Cumulative Security Update for Internet Explorer Critical

  3. #153
    Thailand Expat harrybarracuda's Avatar
    Researchers discover advanced cyber-espionage malware
    It eluded detection for at least five years.

    Mariella Moon , @mariella_moon
    08.09.16 in Security

    Both Kaspersky and Symantec have unearthed a new type of malware so advanced, they believe it could have links to a country's intelligence agency. They're calling it "Remsec," "Strider" (Aragorn's nickname in LOTR) and "ProjectSauron," because it has several references to the Necromancer in Tolkien's series. According to Symantec, it has been used for what could be state-sponsored attacks to infiltrate 36 computers across at least seven organizations around the world since 2011.

    Its targets include several individuals in Russia, a Chinese airline, an unnamed organization in Sweden and an embassy in Belgium. Kaspersky says you can add various scientific research centers, military installations, telecommunications companies and financial institutions to that list.

    ProjectSauron has been active since at least 2011, but it was only unearthed recently because it was designed not to use patterns security experts usually look for when hunting for malware. Kaspersky only discovered its existence when it was asked by an unnamed government organization to investigate something weird going on with its network traffic.

    The malware can move across a network -- across even air gapped computers that are supposed to be more secure than typical setups -- to siphon passwords, cryptographic keys, IP addresses, configuration files, among other data off computers. It then stores all that information in a USB drive that Windows recognizes as an approved device. Both security companies believe its development required the involvement of specialist teams and that it costs millions of dollars to operate.

    They didn't name a government in particular, but they noted that the malware took cues from older tools used for state-sponsored attacks, including Flamer that's been linked to Stuxnet in the past. As you might know, the Stuxnet worm, widely believed to be the joint creation of the US and Israel, infected Iran's nuclear program computers in the mid-2000s.

    https://www.engadget.com/2016/08/09/...auron-malware/

  4. #154
    I'm in Jail

    Join Date
    Mar 2010
    Last Online
    14-12-2023 @ 11:54 AM
    Location
    Australia
    Posts
    13,986
    How on earth can it move across even air gapped computers ???

    They're separated by a much larger gap than that odd whistling gap between ENT's front teeth ....

  5. #155
    Thailand Expat harrybarracuda's Avatar
    Quote Originally Posted by Latindancer View Post
    How on earth can it move across even air gapped computers ???

    They're separated by a much larger gap than that odd whistling gap between ENT's front teeth ....
    Fill your boots.

    https://securelist.com/analysis/publ...ectsauron-apt/

    Stuxnet traversed airgaps; it was easy, employees moved it for them via USB drives.

    In this case it's using more sophisticated methods to hide itself on those USB drives.

  6. #156
    Dislocated Member
    Neo's Avatar
    Join Date
    May 2011
    Last Online
    31-10-2021 @ 03:34 AM
    Location
    Nebuchadnezzar
    Posts
    10,609

  7. #157
    Cool Cat
    Perota's Avatar
    Join Date
    May 2008
    Last Online
    15-03-2017 @ 05:11 PM
    Location
    Bangkok, Korat
    Posts
    3,019
    Quote Originally Posted by harrybarracuda View Post
    Quote Originally Posted by Latindancer View Post
    How on earth can it move across even air gapped computers ???

    They're separated by a much larger gap than that odd whistling gap between ENT's front teeth ....
    Fill your boots.

    https://securelist.com/analysis/publ...ectsauron-apt/

    Stuxnet traversed airgaps; it was easy, employees moved it for them via USB drives.

    In this case it's using more sophisticated methods to hide itself on those USB drives.

    I believe that it is in Mr Robot that they describe a simple way to do it. Someone drops a few infected USB keys in the parking lot of the company they want to hack. You need to have just one employee who picks up one of these keys and uses it inside the company to infiltrate it.
    Last edited by Perota; 12-08-2016 at 03:50 PM.
    The things we regret most is the things we didn't do

  8. #158
    Thailand Expat
    Join Date
    Oct 2015
    Last Online
    16-07-2021 @ 10:31 PM
    Posts
    14,636
    Quote Originally Posted by Perota
    You need to have just one employee who pick up one of these keys and use it inside the company to infiltrate it.
    Harry would be that employee !!!

  9. #159
    Thailand Expat
    Quote Originally Posted by harrybarracuda
    widely believed to be the joint creation of the US and Israel, infected Iran's nuclear program computers in the mid-2000s.
    it's actually French, and I would have to kill you if I would reveal my source

  10. #160
    Thailand Expat harrybarracuda's Avatar
    Quote Originally Posted by Dragonfly View Post
    Quote Originally Posted by harrybarracuda
    widely believed to be the joint creation of the US and Israel, infected Iran's nuclear program computers in the mid-2000s.
    it's actually French, and I would have to kill you if I would reveal my source
    Stick to making cheese and surrender flags, you thick twat.


  11. #161
    En route
    Cujo's Avatar
    Join Date
    Jan 2006
    Last Online
    24-02-2024 @ 04:47 PM
    Location
    Reality.
    Posts
    32,939
    Quote Originally Posted by harrybarracuda View Post
    Quote Originally Posted by Dragonfly View Post
    Quote Originally Posted by harrybarracuda
    widely believed to be the joint creation of the US and Israel, infected Iran's nuclear program computers in the mid-2000s.
    it's actually French, and I would have to kill you if I would reveal my source
    Stick to making cheese and surrender flags, you thick twat.


  12. #162
    Thailand Expat harrybarracuda's Avatar
    In the latest data breach impacting the hospitality industry, cybercriminals installed malware in the point-of-sale systems of HEI Hotels & Resorts and may have checked out with customer data including payment card information.

    The company, which owns and operates approximately 50 hotels in the U.S. under the franchised brand names Starwood, Marriott, Hyatt and Intercontinental, acknowledged the breach in an online notification.

    “Unfortunately, like many other organizations, we recently became aware that several of our properties may have been the victim of a security incident that could have affected the payment card information of certain individuals who used payment cards at point-of-sale terminals, such as food and beverage outlets, at some of our properties,” read the statement.

    The malware, designed to capture payment card data in transit as it is routed between systems, was discovered and ultimately eliminated on June 21 after a card processing company alerted HEI of suspicious activity; however, the earliest incidents are known to date as far back as March 1, 2015. Potentially captured information likely includes names, payment card account numbers, expiration dates and verification codes.

    HEI also published a notice letter, an FAQ document and a list of affected properties that includes 20 locations stretching from coast to coast. “We have disabled the malware and are in the process of reconfiguring various components of our network and payment systems to enhance the security of these systems,” HEI's notice letter read. HEI has also set up a toll-free number for customers with questions and concerns.

    HEI's disclosure comes just days after researchers announced that numerous POS system vendors were compromised in a malware campaign that was likely the work of Russian cybercriminals. In one case, bad actors infected the customer support portal for Oracle's MICROS POS solution, and then waited for business users to log in to steal their passwords and infect their POS systems. It's not known if HEI is a customer of one of the recently affected POS vendors or if this is an entirely unrelated incident.

    Regardless, cybersecurity insiders have taken note of a perceived uptick in hospitality industry data breach disclosures in 2016, including incidents affecting Hyatt Hotels Corporation, Kimpton Hotels & Restaurant Group, Omni Hotels & Resorts, and Rosen Hotels & Resorts.

    “Any business, regardless of size or vertical specialty, that processes payment data or offers free Wi-Fi to guests, is a lucrative breach target. But unfortunately, large chains like HEI have bullseyes on their backs, enticing hackers with large quantities of valuable information such as credit card data for patrons, sensitive employee data for staff, and sometimes even medical data used by in-house care facilities,” said John Christly, CISO at security service provider Netsurion, in an emailed statement to SCMagazine.com.

    “Hospitality companies have always been a target for attack because of both the type of data they hold and the relatively poor security they employ. Financial institutes and technology companies are much more difficult targets. Meanwhile hotel chains with a global presence are generally poorly protected from an information technology perspective,” said Gunter Ollmann, CSO at automated threat management firm Vectra Networks. Also, because the hospitality industry “depends heavily on transient and temporary staff, they are more prone to physical subversion of their systems.”

    In an interview with SCMagazine.com, Chris Strand, security risk and compliance officer at endpoint security company Carbon Black, said he's anything but surprised at the latest breach news, cautioning that the cybersecurity industry is so wrapped up in the ransomware epidemic that it's in danger of overlooking POS threats.

    Strand pointed out that when malware campaigns zero in on hospitality chains, the targets are often franchised locations, much like HEI's hotels. The problem, according to Strand, is that franchisors too often “will allow individual franchises to let them run things their way.” That means cybersecurity best practices “are pushed down to individual franchises, but not necessarily adopted.”

    Strand warned that often times franchised hotels systems are “outdated” and “inundated,” and that franchisors must get a better handle on how its franchisees address security concerns.

    In the recent Wendy's restaurant data breach, all of the approximately 1,000 U.S.-based locations affected by the POS malware attack were franchised.

    Other factors contributing to recent hospitality attacks, Strand added, are incorrect or incomplete adoption of the new “chip and PIN” EMV standard, as well as a tendency to settle for basic PCI compliance instead of aggressively pursuing next-generation security solutions and procedures. Ultimately, the responsibility to secure transactions at the POS is equally split among vendors and their customers, Strand concluded.

    Consumers, too, must stay vigilant in checking their accounts for fraudulent activity. However, in a statement emailed to SCMagazine.com, malware research analyst Ken Bechtel from Tenable Network Security noted that in many cases, the consumer is rendered powerless.

    “We often forget that the consumer is at a distinct disadvantage when dealing with POS malware, as this threat is beyond their control,” said Bechtel. “While cardholders can help protect their accounts by watching for skimmers, keeping their card within sight while paying bills and checking credit card statements for fraudulent activity, once a POS system is compromised there is nothing the user can do to prevent the activity. It's the responsibility of the organization to detect anomalies in credit card transactions and then take ongoing steps to prevent and remediate potential malware threats.”

    Unwanted guests: Hackers breach HEI Hotels & Resorts' POS terminals

  13. #163
    Thailand Expat harrybarracuda's Avatar
    Cheap Chinese shit eh?


    Multiple Vulnerabilities in BHU WiFi “uRouter”
    By Tao Sauvage

    A WONDERFUL (AND !SECURE) ROUTER FROM CHINA

    The BHU WiFi uRouter, manufactured and sold in China, looks great – and it contains multiple critical vulnerabilities. An unauthenticated attacker could bypass authentication, access sensitive information stored in its system logs, and in the worst case, execute OS commands on the router with root privileges.

    In addition, the uRouter ships with hidden users, SSH enabled by default and a hardcoded root password…and injects a third-party JavaScript file into all users’ HTTP traffic.
    IOActive Labs Research: Multiple Vulnerabilities in BHU WiFi “uRouter”

  14. #164
    Thailand Expat harrybarracuda's Avatar
    Talking of Routers, an interesting concept from a bunch of lads who already make a custom Firewall distro of Linux.

    Only on the AC88U so far but plans to roll out to other devices.

    I think I have one at home, so I might give it a shot and report back.

    https://www.untangle.com/firmware/

    https://wiki.untangle.com/index.php/ASUS_RT-AC88U_Installation

    New home router OS tackles firmware shortcomings

    Untangle announced the release of a new operating system for consumer Wi-Fi routers at DEF CON 24.

    Router hardware has evolved and improved over the years, but its firmware remains stuck in the dark ages when it comes to security, network traffic visibility and control. Recognizing the inherent limitations in popular commercial routers, Untangle set about making a radical new OS for home routers based on its popular, broadly installed and easy-to-use NG Firewall product.

    Untangle’s NG Firewall will be available to flash onto various router models, beginning with the Asus AC3100 RT AC88U.

    “The open source community has known for a long time what router manufacturers are loathe to admit: router firmware is lacking,” said Dirk Morris, founder and chief product officer at Untangle. “Projects like DD-WRT have gained traction because of the limitations of the operating systems developed by hardware manufacturers. Firmware has failed to provide adequate security to the modern home, let alone network traffic visibility and shaping. Untangle handles these issues and more.”

    The biggest challenge facing home networks isn’t necessarily even security: it’s the lack of visibility into and control over the traffic. Unlike commercial firmware on today’s home Wi-Fi routers, Untangle NG Firewall logs traffic for rich, robust reporting into every facet of what’s happening online: sites the kids are visiting, neighbors jumping on the wireless network, and the newest IP-enabled gadget phoning home.

    NG Firewall allows users to create rules for managing access to websites, applications, and content based on criteria like device, user, time of day, day of week and more. Customers can see the effect of those rules through drill-down reports that can be monitored via the 360° Dashboard, a single pane of glass view into what’s happening on the network.

    Untangle firmly believes that users have the right to modify the software on the hardware they purchase. As a free, downloadable, open source software firewall distribution, Untangle’s NG Firewall is predicated on the idea that hardware exists to deliver value from software, not the other way around.
    https://www.helpnetsecurity.com/2016...ome-router-os/

  15. #165
    Thailand Expat harrybarracuda's Avatar
    Puts a different spin on the phrase "bug bounty"....

    Wouldn't this be considered "stock manipulation"?


    Trading in stock of medical device paused after hackers team with short seller
    St. Jude Medical declares claim of vulnerability "false and misleading."

    SEAN GALLAGHER - 8/27/2016, 12:22 AM

    Trading in the stock of medical device manufacturer St. Jude Medical was halted Friday afternoon after a dramatic drop in its value. That drop was triggered by news of alleged vulnerabilities in the company's cardiac care devices. The vulnerability was disclosed not in a report by the company but by security researchers partnered with Muddy Waters Capital, an investment firm that had "shorted" St. Jude's stock on the information in order to profit from a drop in the stock's value.

    The researchers at the security firm MedSec chose to take this route to disclosure, MedSec CEO Justine Bone said, to "ensure that St. Jude Medical responds appropriately and with urgency." The partnership with a short seller is a fundamental departure from the established approach of responsible disclosure normally taken by researchers. But it also represents an approach that bypasses the sort of legal maneuverings and threats, suppression of information, and inaction that have been experienced by researchers who have discovered vulnerabilities in other products. Researchers who discovered a vulnerability in Volkswagen electronic engine locks, for example, were forced to withhold a paper for two years through a court injunction filed by the automaker in 2012.

    Muddy Waters issued a report on Thursday claiming that it had demonstrated "two types of cyber attacks against STJ implantable cardiac devices: a 'crash' that causes cardiac devices to malfunction... and a battery drain attack that could be particularly harmful to device dependent users." The report claimed that the vulnerabilities had been proven in "multiple demonstrations evidencing how hollow STJ's device security is."

    In a blog post, Bone said that St. Jude "has stood out as lagging far behind" in addressing vulnerabilities in its products. She continues:

    For years [St. Jude Medical] has continued to put patients at risk by profiting from the sale of devices and a device eco-system which has little to no built-in security. We believe St. Jude Medical has known about security problems in their products since at least 2013, but it is apparent from the lack of security protections or mechanisms in their product line that very little action has been taken. In order to help address patient safety, we have chosen to depart from standard cyber security operating procedures in order to bring this to the public’s attention and to ensure that St. Jude Medical responds appropriately and with urgency.
    The partnership with Muddy Waters was to help the researchers "deliver this message," Bone said.

    Bone wrote that she believed that it was time "to re-think the way cyber security is managed." She acknowledged that partnering with a short seller would draw criticism, "but we believe this is the only way to spur St. Jude Medical into action," she explained. "Most importantly, we believe that both potential and existing patients have a right to know about their risks."

    After the report was released, St. Jude's stock fell 10 percent on Thursday and an additional 2 percent today before trading was halted. In a statement published today, a St. Jude spokesperson said, "We have examined the allegations made by Capital and MedSec on August 25, 2016 regarding the safety and security of our pacemakers and defibrillators, and while we would have preferred the opportunity to review a detailed account of the information, based on available information, we conclude that the report is false and misleading."

    The vulnerabilities applied to older versions of the "Merlin@home" devices that drive the cardiac implants that are not capable of being automatically patched, the spokesperson said. The company claims that newer versions of the devices have already been updated. Additionally, the spokesperson dismissed the battery drainage vulnerability as "misleading" because MedSec claimed it could be executed from 50 feet away.

    "This is not possible since once the device is implanted in a patient, wireless communication has an approximate 7-foot range," the spokesperson insisted, and the attack would also require "hundreds of hours of continuous and sustained pings" of the implant by an attacker. Furthermore, St. Jude claimed that the screen shots used to demonstrate the "crash" attack actually show the device working normally.

    Trading in St. Jude stock resumed this afternoon and had recovered some of its losses, CNBC reports.
    Trading in stock of medical device paused after hackers team with short seller | Ars Technica

  16. #166
    Thailand Expat harrybarracuda's Avatar
    So, if you're a Dropbox user and you haven't changed your password since 2012, now's a good time to do it.



    Severity of 2012 Dropbox hack comes to light - 68m accounts were compromised

    John McCarthy
    31 August 2016 11:22am

    Cloud-based file-manager Dropbox has admitted that the details of over 60 million accounts have been circulated online since a breach in 2012.

    Motherboard first reported the breach, claiming that while individual users were informed of the breach at the time with forced password resets, the scale of user information circulating on the dark web has just become apparent.

    Four databases totalling 5GB and 68,680,741 accounts have been independently verified by Dropbox sources via Motherboard and TechCrunch.

    At the time of the breach the company announced: “We learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time.”

    It claimed: “Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts.”

    It did not admit that passwords were also leaked although the decryption upon them remains intact.

    TechCrunch stated that the hack affected around three-fifths of the service’s user base at the time.
    Severity of 2012 Dropbox hack comes to light - 68m accounts were compromised | Digital | The Drum

  17. #167
    Thailand Expat harrybarracuda's Avatar
    Here's what you should know, and do, about the Yahoo breach

    Yahoo’s announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale—it’s the largest data breach ever—and the potential security implications for users.

    That’s because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users’ online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.

    An email compromise is one of the worst data breaches that a person could experience online, so here’s what you should know:

    Fifty shades of hashing

    Yahoo said that the “vast majority” of the stolen account passwords were hashed with bcrypt. Hashing is a one-way cryptographic operation that transforms data into a set of random-looking characters that serves as its unique representation—this is called a hash.

    Hashes are not supposed to be reversible, so they’re a good way to store passwords. You take input, such as a password, pass it through a hashing algorithm and compare it to a previously stored hash.

    This provides a way to verify passwords at log-in time without actually storing them in plain text in the database. But not all hashing algorithms offer equal protection against password cracking attacks that attempt to guess which plaintext password generated a specific hash.

    Unlike the ageing MD5, which is quite easy to crack if implemented without additional security measures, bcrypt is considered a much stronger algorithm. This means that in theory, the likelihood of hackers cracking “the vast majority” of Yahoo passwords is very low.

    But here’s the problem: Yahoo’s wording suggests that most, but not all passwords were hashed with bcrypt. We don’t know how many passwords were hashed with another algorithm, or which one it was. The fact that this hasn’t been specified in Yahoo’s announcement or FAQ page suggests that it’s an algorithm that’s weaker than bcrypt and that the company didn’t want to give away that information to attackers.

    In conclusion, there’s no way to tell if your account was among those whose passwords were hashed with bcrypt or not, so the safest option at this point is to consider your email compromised and to do as much damage control as possible.

    Don’t keep emails just because you can

    Once hackers break into an email account they can easily discover what other online accounts are tied to that address by searching for sign-up emails. These are the welcome messages that most websites send when users open a new account, and which users rarely delete. These days most email providers offer enough storage space that users won’t ever have to worry about deleting messages.

    Aside from exposing the links between an email address and accounts on various websites, those sign-up emails can also expose the specific account names chosen by the user, if different from their email address.

    If you’re among the people who don’t delete welcome emails and other automatic notifications sent by websites, such as password resets, then you might want to consider doing so and even go back to clean your mailbox of such communications.

    Sure, there might be other ways for hackers to find out if you have an account on a certain website, or even a number of websites, but why make it easier for them to compile a full list?

    Be careful when asked for your personal details

    Among the account information that hackers stole from Yahoo were real names, telephone numbers, dates of birth and, in some cases, unencrypted security questions and answers. Some of those details are sensitive and are also used for verification by banks and possibly government agencies.

    There are very few cases when a website should have your real date of birth, so be judicious about providing it.

    Also, don’t provide real answers to security questions, if you can avoid it. Make something up that you can remember and use that as the answer. In fact, Yahoo doesn’t even recommend using security questions anymore, so you can go into your account’s security settings and delete them.

    Check your email forwarding rules regularly

    Email forwarding is one of those “set it and forget it” features. The option is buried somewhere in the email account settings that you never check and if it’s turned on there’s little to no indication that it’s active.

    Hackers know this. They only need to gain access to your email account once, set up a rule to receive copies of all your emails and never log back in again. This also prevents the service from sending you notifications about repeated suspicious log-ins from unrecognized devices and IP addresses.

    Two-factor authentication everywhere

    Turn on two-factor authentication—this is sometimes called two-step verification—for any account that supports it. This will prompt the online service to ask for a one-time-use code sent via text message or generated by a smartphone app, in addition to the regular password, when you try to access the account from a new device.

    It’s an important security feature that could keep your account secure even if hackers steal your password. And Yahoo offers it, so take advantage of it.

    Don’t reuse passwords; just don’t

    There are many secure password management solutions available today that work across different platforms. There’s really no excuse for not having unique, complex passwords for every single account that you own. If you do want memorable passwords for a few critical accounts use passphrases instead: sentences made up of words, numbers and even punctuation marks.

    Here comes phishing

    Large data breaches are typically followed by email phishing attempts, as cybercriminals try to take advantage of the public interest in such incidents.

    These emails can masquerade as security notifications, can contain instructions to download malicious programs that are passed as security tools, can direct users to websites that ask them for additional information under the guise of “verifying” their accounts and so on.

    Be on the lookout for such emails and make sure that any instructions that you decide to follow in response to a security incident came from the affected service provider or a trusted source.

    Here's what you should know, and do, about the Yahoo breach | PCWorld

  18. #168
    DRESDEN ZWINGER
    david44's Avatar
    Join Date
    Aug 2011
    Last Online
    @
    Location
    At Large
    Posts
    21,352
    The asseword managers

  19. #169
    Thailand Expat
    Join Date
    Oct 2015
    Last Online
    16-07-2021 @ 10:31 PM
    Posts
    14,636
    ^ that's Harry fooked then, he only swear by them

  20. #170
    En route
    Cujo's Avatar
    Join Date
    Jan 2006
    Last Online
    24-02-2024 @ 04:47 PM
    Location
    Reality.
    Posts
    32,939
    Quote Originally Posted by Dragonfly View Post
    ^ that's Harry fooked then, he only swear by them
    Thought you were going to hack his drop box.
    What happened to that?

  21. #171
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,843
    Quote Originally Posted by Cujo View Post
    Quote Originally Posted by Dragonfly View Post
    ^ that's Harry fooked then, he only swear by them
    Thought you were going to hack his drop box.
    What happened to that?
    Oh Buttplug's always threatening to hack people.

    The trouble is he wouldn't have a clue where to start.


  22. #172
    I'm in Jail

    Join Date
    Mar 2010
    Last Online
    14-12-2023 @ 11:54 AM
    Location
    Australia
    Posts
    13,986
    He starts at the bottom, of course

  23. #173
    Thailand Expat
    Join Date
    Oct 2015
    Last Online
    16-07-2021 @ 10:31 PM
    Posts
    14,636
    Quote Originally Posted by Cujo
    Thought you were going to hack his drop box.
    I did ? link ? probably harry asking me some silly challenge so he could share with me his ladyboy porn collection

  24. #174
    Excommunicated baldrick's Avatar
    Join Date
    Apr 2006
    Last Online
    Today @ 02:31 PM
    Posts
    24,805
    Quote Originally Posted by harrybarracuda
    state-sponsored hackers
    are they on the benefits ?

  25. #175
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,843
    Quote Originally Posted by baldrick View Post
    Quote Originally Posted by harrybarracuda
    state-sponsored hackers
    are they on the benefits ?
    Fucking Ruskies again innit.
