Cybersecurity

5446 readers

68 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Alleged leak of 270k user e-mails + unsalted MD5 password hashes (!!!) from popular sim racing service Trading Paints (twitter.com)

submitted 1 year ago by sunaurus@lemm.ee to c/cybersecurity@sh.itjust.works

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] sunaurus@lemm.ee 10 points 1 year ago

Assuming the leak is real (I did not attempt to verify if any of the leaked passwords work myself): why the heck are popular services in 2023 still using MD5?

I'm also really disappointed by the fact that many users & even many admins (people with @iracing.com and @tradingpaints.com e-mail addresses) clearly don't use password managers.

[–] hoodlem@hoodlem.me 6 points 1 year ago

Unsalted. And MD5? Ugh ugh ugh. Feel so bad for the thousands of these folks that re-use the same password for important email accounts and banking.

Password managers are a must today.