brute force

VUDU Alerts Customers To Theft Of Hard Drives Containing Personal User Info

VUDU Alerts Customers To Theft Of Hard Drives Containing Personal User Info

In the last hour, several Consumerist readers have forwarded us e-mails they have received from the video-streaming folks at VUDU. The message alerts customers to a recent theft at the company offices and the potential that customers’ private information could be compromised. [More]

Change Your Old Amazon Password Now To Avoid This Cracking Risk

Change Your Old Amazon Password Now To Avoid This Cracking Risk

Some old Amazon account appear to have a flaw in their password protection scheme that makes them more vulnerable to a brute force cracking attempt. For affected accounts, if you haven’t changed your password in several years, and it’s over 8 characters long, it looks like all people have to do is enter the first 8 characters correctly and they’re in. Even if after the 8 characters they just type gobbledygook. [More]

Another Sears.com Security Hole Discovered

Another Sears.com Security Hole Discovered

That Sears website exploit we posted about a couple of weeks ago was funny, mainly because it seemed more embarrassing for Sears than a true security risk. However, an independent security researcher had also discovered a more significant issue with the site—it allowed for an unlimited number of gift card verification attempts via an external script, so a criminal could use the site as a brute force method to identify valid gift cards for Sears and Kmart.