I am probably beating a dead horse, and here we go again. It didn't matter how strong your password was, your Yahoo account has been compromised anyways by a hack, back  in 2014,  no less. Technically its too late to change your password, since its been sitting out there for the past 2 years along with your account information. I changed my yahoo password anyways, but I think I need to closely examine my credit report. Also I think I need to institute a personal password policy, change them every week or sooner.

Someone famous recently said, "there is no such thing as privacy anymore" . I agreed and really didn't think much about it. We all know about smart devices such as TV's and refrigerators using a Wi-Fi connection at home that can be hacked. This article blew my mind, no pun  intended, seriously. Its time to start wondering or worrying about expectations of privacy with smart devices that work with an app on your mobile phone.  Disclaimer: If your sensitive to consenting  adult recreational content, avoid going to the link.

ClixSense Plain Text Password Dump




Here's a new but makes sense concept that I am not surprised exists. Getting paid to click on internet ads. Company's pay websites to post their ads and then other companies pay people to click on those ads to make it look the website ads are getting traffic. The internet is a big advertising scam, sort of, I am sure the ads to work somewhat., but its kind of like paying for friends, its not real. Anyhoo, The pay to click on ads company ClixSense's user password database was hacked affecting over six million passwords.  It was an easy job because the user  passwords were stored as plaintext in a database, nothing to crack.

A good takeaway from this incident:

Don’t use the same passwords on two different sites. Even if you choose a super-strong password, it only takes one careless site to leak that password in directly usable form.

I would bet we are all guilty of using the same password on multiple websites, I admit I am guilty of that. What's the alternative? where are you going to store a list of  individual strong passwords for each website that is readily available? I guessing an encrypted  document with only one strong password to memorize.

Cryptomining malware on NAS servers – is one of them yours?



Say what? Cryptomining, never heard of it. I vaguely know what Bitcoin is, an online currency. Bitcoin is known as the first cryptocurrency . Honestly, today was the first time I have either term "coined", get it? I have to cut back on my youtube cartoon watching apparently. So bitcoin is a digital currency aka Geek Coin to me, that can't be taxed or regulated and the Users are anonymous, so it tends to attract criminals. So, you can buy bitcoin on an exchange or you can earn it cryptomining it. Which is getting people to use their computer's to perform cryptographic calculations  until they "mine a bitcoin. Some ingenious criminals created cryptomining malware that essentially hijacks computers to form a cryptomining botnet to increase the amount of bitcoins they can get. Its amazes me how so many people have so much time for these shenanigans, but it must be a job or career for some.