92
Lawsuit says Clorox hackers got passwords simply by asking
(www.nbcnews.com)
jee.. is that easy? what's your password OP?
hunter2, but don't tell anyone because it's a secret.
All I see is ******2
Ahh, I’m home finally
RIP bash.org
EDIT: Nice, there's a bunch of mirrors.
Weird, because all I see is hunter*
Yup, it is. Social engineering is by far the most effective means of gaining unlawful access to any system.
Humans are always the weakest link.
Exactly. Many breaches follow this pattern:
- Learn the name and some basic details about the secretary or something
- Call corporate tech support asking for a password reset claiming to be the secretary
- Access important stuff since secretaries have a surprising amount of access
Replace "secretary" with some other relevant individual who has a surprising amount of access and wouldn't attract attention.
correcthorsebatterystaple
Hi, I'm Steve from corp. I need your password to verify some settings....
At least it wasn't due to a user input sanitization issue
instead it was a user sanitization issue
this post was submitted on 23 Jul 2025
92 points (100.0% liked)
Cybersecurity
7975 readers
100 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 2 years ago
MODERATORS