Soooo, have you enabled 2-factor authentication yet!?
-or, are you using the same password everywhere?
This is what’s for sale at the darker side of the interwebz:
100,000 Yahoo accounts acquired from 2012 Last.FM data breach, for 0.0084 Bitcoins ($10.76).
Another 145,000 Yahoo accounts acquired from two separate data breaches – the 2013
Adobe data breach and the 2008 MySpace breach – for 0.0102 Bitcoins (USD 13.75).
500,000 Gmail accounts from the 2008 MySpace hack, the 2013 Tumblr breach, and the 2014 Bitcoin Security Forum breach for 0.0219 Bitcoins ($28.24).
Another 450,000 Gmail accounts for 0.0201 BTC (USD 25.76), which came from various other data breaches in Dropbox, Adobe, and others that took place between 2010 and 2016.
If you, for any reasons, are getting sweaty hands now, you may take a look at https://haveibeenpwned.com/ to see if you’re one of the lucky ones… -I’d never give my stuff away to a service like that, but there are people that do, and nothing bad has happened -yet, so…
🙂 -yup, really not so bad as “everyone” first expected
#android #security #linux #vulnerability
Originally shared by Adrian Ludwig
On January 19th, 2016, Perception Point and Red Hat announced a security issue (CVE-2016-0728) in the mainline linux kernel that affects some Android devices. We have received some questions, so I want to quickly provide an update.
We have prepared a patch, which has been released to open source and provided to partners today. This patch will be required on all devices with a security patch level of March 1 2016 or greater.
In addition, since this issue was released without prior notice to the Android Security Team, we are now investigating the claims made about the significance of this issue to the Android ecosystem. We believe that the number of Android devices affected is significantly smaller than initially reported.
We believe that no Nexus devices are vulnerable to exploitation by 3rd party applications. Further, devices with Android 5.0 and above are protected, as the Android SELinux policy prevents 3rd party applications from reaching the affected code. Also, many devices running Android 4.4 and earlier do not contain the vulnerable code introduced in linux kernel 3.8, as those newer kernel versions not common on older Android devices.