Message-ID:

"If you can, help others. If you can't, at least don't hurt others." -- the Dalai Lama

computers / news.admin.net-abuse.email / [SOT] Dark power of weak passwords :-)

[SOT] Dark power of weak passwords :-)

<anfi+ld30ncuf6f-m9h6@wp.eu>

https://news.novabbs.org/computers/article-flat.php?id=880&group=news.admin.net-abuse.email#880

copy link Newsgroups: news.admin.net-abuse.email

Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!weretis.net!feeder8.news.weretis.net!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: anfi@onet.eu (Andrzej Adam Filip)
Newsgroups: news.admin.net-abuse.email
Subject: [SOT] Dark power of weak passwords :-)
Date: Sat, 17 Sep 2022 11:57:11 +0200
Organization: It is for me to know and for you to find out.
Lines: 17
Message-ID: <anfi+ld30ncuf6f-m9h6@wp.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Injection-Info: reader01.eternal-september.org; posting-host="bf6cf09e3448685cf8c9131199365fa5";
logging-data="158788"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19TTnpal0yCPADucms1oHKn"
Cancel-Lock: sha1:lcFoa+qeDPrvnQ8TKj5CDyuwtro=
sha1:Y0kssrZldue0XxgmkvXWoq0KcaU=

by: Andrzej Adam Filip - Sat, 17 Sep 2022 09:57 UTC

https://www.bbc.co.uk/news/technology-62937678
> IHG hack: 'Vindictive' couple deleted hotel chain data for fun
> ; Published 2022-09-17T05:48:49.000Z
>
> Hackers have told the BBC they carried out a destructive cyber-attack
> against Holiday Inn owner Intercontinental Hotels Group (IHG) "for
> fun".
> Describing themselves as a couple from Vietnam, they say they first
> tried a ransomware attack, then deleted large amounts of data when
> they were foiled.
> They accessed the FTSE 100 firm's databases thanks to an easily found
> and weak password, Qwerty1234. […]

All SMTP passwords are stronger ;-)

--
A. Filip

Re: [SOT] Dark power of weak passwords :-)

<20240222143043.6c1ea9022ead5c5216d34c3e@inter-corporate.com>

copy mid

https://news.novabbs.org/computers/article-flat.php?id=1552&group=news.admin.net-abuse.email#1552

copy link Newsgroups: news.admin.net-abuse.email

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: noc@inter-corporate.com (Randolf Richardson 張文道)
Newsgroups: news.admin.net-abuse.email
Subject: Re: [SOT] Dark power of weak passwords :-)
Date: Thu, 22 Feb 2024 14:30:43 -0800
Organization: Inter-Corporate Computer & Network Services, Inc. --
Simplifying complexity
Lines: 31
Message-ID: <20240222143043.6c1ea9022ead5c5216d34c3e@inter-corporate.com>
References: <anfi+ld30ncuf6f-m9h6@wp.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Info: dont-email.me; posting-host="044301a79e7f327b1cb8322e86fc38b5";
logging-data="135731"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+vvpWe99jn3qXhaveyHqJ/"
Cancel-Lock: sha1:eo0GXsOqdTO+DQJS3v+DdVQFSc8=
X-Newsreader: Sylpheed 3.7.0 (GTK+ 2.24.33; x86_64-pc-linux-gnu)
X-Face: Mdk`]wSvp_idiT'douqL^kIxU681Szl/jI<&ApRrYrfhF|W@B4{SFu%{A$d<aMR4F]eOr~PH7}v#!C0Ivi$TL3W_l~Vm$[b[-@wFWipnhLyvZhC@FD;Ck']z-'J~^$byCpe)?(nUwn:s{A{@g8vVT),

by: Randolf Richardson � - Thu, 22 Feb 2024 22:30 UTC

On Sat, 17 Sep 2022 11:57:11 +0200
Andrzej Adam Filip <anfi@onet.eu> wrote:
> https://www.bbc.co.uk/news/technology-62937678
> > IHG hack: 'Vindictive' couple deleted hotel chain data for fun
> > ; Published 2022-09-17T05:48:49.000Z
> >
> > Hackers have told the BBC they carried out a destructive cyber-attack
> > against Holiday Inn owner Intercontinental Hotels Group (IHG) "for
> > fun".
> > Describing themselves as a couple from Vietnam, they say they first
> > tried a ransomware attack, then deleted large amounts of data when
> > they were foiled.
> > They accessed the FTSE 100 firm's databases thanks to an easily found
> > and weak password, Qwerty1234. […]
>
> All SMTP passwords are stronger ;-)

With a capital letter Q? They must have had to abide by publicly
published password creation rules, like "at least one upper-case letter,"
some digits, and at least one symbol (e.g., a period).

Sometimes I wonder if such publicly published rules help hackers
to automatically eliminate certain sequences that don't comply, leaving
them with a lower number of total attempts -- that must be a real time-
saver for some account hacking efforts! :O

--
Randolf Richardson 張文道, CNA - noc@inter-corporate.com
Inter-Corporate Computer & Network Services, Inc.
Beautiful British Columbia, Canada
https://www.inter-corporate.com/

Subject	Author
[SOT] Dark power of weak passwords :-)	Andrzej Adam Filip
Re: [SOT] Dark power of weak passwords :-)	Randolf Richardson 張文道