In a Facebook post published Wednesday morning, 000Webhost officials confirmed the breach and said it was the result of hackers who exploited an old version of the PHP programming language to gain access to 000Webhost systems. The advisory makes no reference to the plaintext passwords, although it does advise users to change their credentials. Hunt has also encountered evidence the breach may extend to other Web hosting providers, presumably because of partnerships they had with 000Webhost.
Hunt uncovered a variety of weaknesses, including the use of unencrypted HTTP communications on the login page and a code routine that placed a user's plaintext password in the resulting URL. That means the unobfuscated passwords were likely written to all kinds of administer logs. It's also possible that the site didn't follow standard industry practices and cryptographically hash the passwords when storing them. In any event, the data may have been accessed by executing a SQL injection exploit or other common website attack or by an insider with privileged access to the 000Webhost system.
000Webhost users should be on the alert for fraud. And if they used the same password anywhere else, reset it there, too.
Graham Clark, the 17-year-old Florida boy accused of pulling off the big Twitter hack, pled not guilty to charges on Tuesday. During the security breach, top accounts including Democratic presidential candidate Joe Biden and Tesla/SpaceX CEO Elon Musk were taken over to push a bitcoin scam.
In this footage, a supercomputer’s CPU cores — nearly 900 of them — are neatly lined up in the Task Manager. The Doom logo appears, generated by code that targets each core. Then Doom itself plays, each “pixel” generated by thrashing a core with just the right amount of busy work. Max Holt: Finally got […]
The UK government today ordered domestic companies to stop buying equipment from Chinese vendor Huawei and to stop using its kit entirely by 2027. Huawei is suspected to be an arm of the Chinese government, breaking into western markets (and maybe its networks) by selling impossibly cheap equipment. The UK only recently approved more Huawei […]
The aluminum can is a great invention. And for 60 years, it and its crafty little addition, the pull tab, have made transporting and drinking all of our favorite beers, soft drinks and other beverages about 1,000 percent easier. Of course, evolution continues — and even an innovation as awesome as the aluminum can is […]
It’s tempting for many young professionals to assume that because they’ve spent most of their lives posting links to Facebook or pushing selfies to Instagram that they have the skills needed to be a digital marketer. Creating compelling content is certainly important, but if you’re not up to speed on search engine optimization (SEO), how […]
With everybody working from home now, it’s natural to start thinking about careers where not going into the office is more the norm than the exception. Better yet, many are looking to start careers as freelancers, professionals who build their livelihoods around the scope of their talent and not the fortunes of one all-encompassing employer. […]