293 matches found
Github accounts compromised in massive Brute-Force attack using 40,000 IP addresses
Popular source code repository service GitHub has recently been hit by a massive Password Brute-Force attack that successfully compromised some accounts, GitHub has urged users to set up two-factor authentication for their accounts and has already reset passwords for compromised accounts. "We sen...
Github accounts compromised in massive Brute-Force attack using 40,000 IP addresses
Popular source code repository service GitHub has recently been hit by a massive Password Brute-Force attack that successfully compromised some accounts, GitHub has urged users to set up two-factor authentication for their accounts and has already reset passwords for compromised accounts. “We sen...
Security releases (CVE-2013-5958): Symfony 2.0.25, 2.1.13, 2.2.9, and 2.3.6 released
Log in to add a reaction to this post add a reaction ❤️ 👍 🚀 Symfony 2.0.25, 2.1.13, 2.2.9, and 2.3.6 have just been released; they contain a security fix for the Security component CVE-2013-5958. Note Even if the end of life of Symfony 2.0 was reached last month, we are also releasing a new versio...
LivingSocial Ups its Password Encryption After Breach
The popular daily deal site LivingSocial announced Monday it has abandoned the SHA1 hash for Blowfish’s bcrypt following a massive data breach that impacted 50 million customers. The company confirmed last weekend that its computer systems were attacked and thieves gained access to names, e-mail...
Fedora Update for py-bcrypt FEDORA-2013-4447
Check for the Version of py-bcrypt OpenVAS Vulnerability Test Fedora Update for py-bcrypt FEDORA-2013-4447 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Fedora Update for py-bcrypt FEDORA-2013-4424
Check for the Version of py-bcrypt OpenVAS Vulnerability Test Fedora Update for py-bcrypt FEDORA-2013-4424 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Fedora Update for py-bcrypt FEDORA-2013-4424
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for py-bcrypt FEDORA-2013-4447
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 18 : py-bcrypt-0.3-1.fc18 (2013-4447)
Fix for CVE-2013-1895: py-bcrypt 0.3 contains a concurrency bug that could result in auth bypass. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 17 : py-bcrypt-0.3-1.fc17 (2013-4424)
Fix for CVE-2013-1895: py-bcrypt 0.3 contains a concurrency bug that could result in auth bypass. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Python 'py-bcrypt' 模块身份验证绕过漏洞(CVE-2013-1895)
BUGTRAQ ID: 58702 CVECAN ID: CVE-2013-1895 Py-bcrypt是OpenBSD Blowfish密码哈希算法的实现。 Python py-bcrypt 0.3之前版本没有正确执行并发内存范围操作,在实现上存在身份验证绕过漏洞,可被利用绕过安全限制,非法访问系统。 0 Python py-bcrypt Module 0.x 厂商补丁: Python ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: www.python.org...
Social Site Formspring Says 420k User Password Hashes Posted Online
Hackers broke into a development server at Formspring, a social Q&A site, and made off with the password hashes for 420,000 users and later posted them online. The company has reset all of the users’ passwords and said it also has changed the way that it handles passwords. Formspring officials sa...
crypt_blowfish 1.0
Hi, This is to announce the first mature version of cryptblowfish and the minor security fix that this version adds. cryptblowfish is a public domain implementation of a modern password hashing algorithm based on the Blowfish block cipher, provided via the crypt3 and a reentrant interface. It is...