Archive for June, 2012

New Website: Naples Concierge Nursing

Posted on June 24, 2012, under Webmaster.

Naples Webmasters has recently completed web development of a new website for Naples Concierge Nursing. The website was built with the latest in blog technologies. Features include JQuery user interface design and search engine optimization.

Website Features

  • Built with latest content management software
  • JQuery Slideshow on homepage
  • JQuery Interactive Featured Boxes

Over 8 Million LinkedIn Passwords Exposed

Posted on June 10, 2012, under Webmaster.

It is now confirmed that over 8 million LinkedIn user passwords were posted on a Russian hacker website. Social networking site LinkedIn and online dating service eHarmony warned that some user passwords had been breached after security experts discovered scrambled files with passwords for millions of online accounts.

In thier corporate blog post, LinkedIn describes the current situation:

We want to provide you with an update on this morning’s reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts. We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts:

  1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
  2. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.
  3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases.

We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously. If you haven’t read it already it is worth checking out my earlier blog post today about updating your password and other account security best practices.

This large scale incident of network security breach is not uncommon. With rise of massive global social networking websites, there has been an increase in criminal and state sponsored hacking. These hackers gain valueable information when they can penetrate a whale like LinkedIn.

Users of social networking websites like Facebook, Twitter, or Tumbler should be aware of the danger of using the same password for online services like banking, email or business. In addition to using unique passwords for websites, users should also use significantly complex and long passwords. At a minimum thier password should be 20 characters and consist of letters, numbers, and symbols  (such as !, $, #, %).

Faster computing means that every posssible password with lowercase, alphanumeric, and 6 characters long, can be calculated in around 40 seconds. This method of attacking a website login with millions of attempts is called brute force. Although brute force attemps are usually prevented, there are website without this basic protection.

Another new hacking phenomenon is called social engineering.  Social engineering uses a comination of public or private information to penetrate a users account and exploit the targets access to confidential information. Using a technique called spearphishing, hackers will target a individual with access to sensitive data.

If you havent already started changing your passwords, then I recommend you get started.