Very important!! Hacked accounts

Discussion in 'Forum News and Updates' started by Olymoon, Jan 15, 2023.

Thread Status:
Not open for further replies.
  1. Olymoon

    Olymoon MODERATOR Staff Member

    Joined:
    Jan 31, 2012
    Messages:
    5,814
    Likes Received:
    4,460
    Hi Audiosexers,

    Several accounts have been hacked.
    If you are the owner of one of these account, please contact me at AudioZ.

    All of you, please change your passwords, and check your security settings.
    Most hacked account cant be recuperated.

    Have a nice day
     
    Last edited: Jan 15, 2023
    • Useful Useful x 16
    • Like Like x 5
    • Interesting Interesting x 5
    • List
  2.  
  3. Babarleroideselephants

    Babarleroideselephants Newbie

    Joined:
    Aug 20, 2013
    Messages:
    4
    Likes Received:
    0
    Oh no!
     
  4. jack1958

    jack1958 Ultrasonic

    Joined:
    Jul 5, 2013
    Messages:
    67
    Likes Received:
    25
    Just got a message with sexual offer. Changed my PW. Hope, that helps. Thanks Olymoon !
     
    • Like Like x 1
    • Love it! Love it! x 1
    • List
  5. Haliax

    Haliax Guest

    Please, for the love of all things good: Choose a password that is difficult to guess and complex enough to not be vulnerable to brute forcing.

    Bad
    Never substitue letters for numers or characters. Example: Password -> Pa$$w0rd = Very easy to brute force

    Good
    A phrase made up of 3 or 4 random words is good: Lucky dinosaur skateboard shoes = Difficult to guess and not worth brute forcing

    If all else fails, use a password manager (1Password or Keepass) to create a complex password

    [​IMG]
     
    Last edited by a moderator: Jan 15, 2023
    • Like Like x 3
    • Useful Useful x 2
    • Disagree Disagree x 1
    • Love it! Love it! x 1
    • List
  6. reziduchamp

    reziduchamp Producer

    Joined:
    Mar 15, 2016
    Messages:
    434
    Likes Received:
    147
    Is this just on Audiosex or sister as well?
     
  7. Olymoon

    Olymoon MODERATOR Staff Member

    Joined:
    Jan 31, 2012
    Messages:
    5,814
    Likes Received:
    4,460
    Only here.
     
    • Like Like x 2
    • Agree Agree x 1
    • List
  8. Haliax

    Haliax Guest

    @Olymoon Are you able to implement MFA?
     
  9. Thanks for the head's up! Just changed to a sturdier password. If you suddenly see posts from me screaming 'peace and happiness' and how I 'love everyone', you'll know I got hacked. :rofl:
     
    • Funny Funny x 8
    • Like Like x 1
    • List
  10. Xupito

    Xupito Audiosexual

    Joined:
    Jan 21, 2012
    Messages:
    6,956
    Likes Received:
    3,830
    Location:
    Europe
    Well, password changed.
    In the style of the above fellow, if I suddenly behave like a decent person that means I got jacked :rofl:
     
  11. Haliax

    Haliax Guest

    Account takeover can be made harder by removing the ability to log in with username. The username is the already known, that’s one part of the puzzle.

    logging in with email and password forces an attacker to have both parts of authentication.
     
    • Agree Agree x 2
    • Like Like x 1
    • List
  12. clone

    clone Audiosexual

    Joined:
    Feb 5, 2021
    Messages:
    5,953
    Likes Received:
    2,528
    Someone's account also posted the exact same style/link spam yesterday on another one of the audio websites forum. It isn't just random activity.
     
  13. phumb-reh

    phumb-reh Guest

    For the love of goddess, use a goddamn password manager. I say this as a sometime computer security guy. You have to remember just one password, and it's synced between all of your devices. I don't even know my AS password, there's no need to.

    Unique, impossible to guess and/or dictionary attack passwords per site, that's where you want to be at. I use Bitwarden, but there are others, free and paid for. Give it a go, but you don't want to go back really.
     
  14. synths4grins

    synths4grins Producer

    Joined:
    Aug 24, 2017
    Messages:
    149
    Likes Received:
    140
    And, DO NOT USE LastPass. The hack of LastPass last year and subsequent research into what was stolen and reveled showed how inadequate and incompetent their security practices were, and still are. There's lots of info out now documenting this, but for example, stolen and non-encrypted is the list of every website you have stored passwords for. And it gets much worse. The Security Now podcast #905 has details if you're interested.

    My choice is also Bitwarden, a highly respected, Open Source, and free password manager. It's easy to import your passwords and data into Bitwarden from LastPass and others if you're using something else.
     
    • Like x 1
    • Agree x 1
    • Winner x 1
    • Interesting x 1
    • Useful x 1
    • List
  15. Haliax

    Haliax Guest

    Following on from @synths4grins comment on the LastPass data breach:

    If anyone wants to keep up to date on what is happening out there in the wild, the following links will make sure you have some forewarning.
    Code:
    https://blog.knowbe4.com/
    https://www.hackread.com/
    https://thehackernews.com
    https://www.bleepingcomputer.com/
     
    Last edited by a moderator: Jan 15, 2023
    • Interesting Interesting x 3
    • Like Like x 1
    • List
  16. twoheart

    twoheart Audiosexual

    Joined:
    Nov 21, 2015
    Messages:
    2,008
    Likes Received:
    1,223
    Location:
    Share many
    A fact for security researchers is that with increasing complexity and increasing security requirements, e.g. number of digits, frequency of change, the security even decreases. I have observed with my colleagues that they write their passwords on small pieces of paper again or set their date of birth five times separated by $ as password since my company requires 22+ -digit passwords. :rofl:

    So better don't overcomplicate your PW or you won't remember it after the next vacations :bleh:

    p.s.: Thank you for the advice @Olymoon PW changed
    Not the same PW for AS and AZ helps not to lose both if one is hacked
     
    Last edited by a moderator: Jan 15, 2023
  17. Haliax

    Haliax Guest

    Maybe it is time for you and your colleagues to use a password manager. If it is corporate, I would suggest 1Password as it supports all common browsers, operating systems and phones
     
  18. bobdule

    bobdule Rock Star

    Joined:
    Dec 28, 2014
    Messages:
    603
    Likes Received:
    411
    all you can do is to web sing,
    and this web song is called:
    theme:
    hack me one
    hack me too
    new passwords are sended thrue

    chorus 1
    i loosed my copyright
    but the bites also like to farts.

    chorus 2
    give me give me your cookies
    to exploit your security.

    chorus 3
    take my musical interlude
    a troll life of gratitude.
     
    • Funny Funny x 3
    • Love it! Love it! x 1
    • List
  19. twoheart

    twoheart Audiosexual

    Joined:
    Nov 21, 2015
    Messages:
    2,008
    Likes Received:
    1,223
    Location:
    Share many
    Privately I do use a PW manager.
    But on the corporate network something like this is not permitted/planned.

    On the other hand: Did you hear about the last-pass hack in the last weeks?
    https://www.theverge.com/2022/12/22...breach-cloud-encrypted-password-vault-hackers
    That's what I call a security nightmare for their users

    In the end there is nothing like absolute security.

    Most security problems result from behavioral problems of how the people using the internet. They just don't take it serious what they do there.
     
    Last edited: Jan 15, 2023
  20. Haliax

    Haliax Guest

    That is a really bad business decision, do you have a CSO or CISO in your organisation? They should be held accountable, if you don't have one then I would have strong words with whoever is ultiamtely responsible for information security.

    I spend most of my life educating people on InfoSec and AppSec, it get worse when people think they know what security is. I can't remember a time when a pen test has yeilded 0 vulnerabilities.
     
  21. naitguy

    naitguy Audiosexual

    Joined:
    Jan 9, 2017
    Messages:
    732
    Likes Received:
    512
    Location:
    Canada
    You promised you wouldn't tell anyone!
     
Loading...
Thread Status:
Not open for further replies.
Loading...