Change your Facebook password now!

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Oh, feet of clay!

Facebook has just admitted that it has found many places – hundreds of millions of places, maybe – where it saved users’ passwords to disk in raw, unencrypted form.

In jargon terms, they’re known as plaintext passwords, which means that instead of seeing a password scrambled into a hashed form such as 379f1531753a7c43ab4f4faace212451, anyone looking at the stored data will see the actual password, right there, just like that.

Like that: 123456789, or that: mypassword99, or that: jw45X$/6FsT8.

Top 5 Security News

Why phone numbers stink as identity proof

The European Copyright Directive: What Is It, and Why Has It Drawn More Controversy Than Any Other Directive In EU History?

Extracting BitLocker keys from a TPM

Norwegian phones sent personal information to China

Hackers take down Safari, VMware and Oracle at Pwn2Own

Flaw in popular PDF creation library enabled remote code execution