Citrix's GoToMyPc users exposed after password leak

If you are a user of Citrix's GoToMyPC unfortunately you will have to reset your passwords (use something long varied and strong, don't reuse an old password!).

The service, which lets users remotely access PCs over the internet, was hit by a "very sophisticated password attack," Citrix said Sunday in a blog post. The company is requiring users to reset their passwords using the "forgot password" link. This is just another hack in a long line that have been disclosed in the past few weeks as hackers seem to be targeting website with huge user databases in an attempt to reap the rewards of cybercrime.

"Citrix takes the safety and security of its customers very seriously, and is aware of the password attack on GoToMyPC," said John Bennett, product line director at Citrix, in a statement. "Once Citrix learned about the attack, it took immediate action to protect customers. Citrix can confirm the recent incident was a password re-use attack, where attackers used usernames and passwords leaked from other websites to access the accounts of GoToMyPC users. Further, there is no indication of compromise to any other Citrix product line."

To reset your GoToMyPC password, go to the site and click on the Log In link.
I would recommend along with resetting your password that you enable two-step verification, a process that sends a code to your phone each time you want to sign in. If you've used the same password for GoToMyPC at other websites or for other accounts, you should change it at those places as well and don't make up a new password and use it on your other sites to, not that you would do such a thing.

TeamViewer Confirms Hack

For those who are not familiar with the service TeamViewer allows computer professionals and consumers to log into their computers from remote locations. For just over month, a growing number of users have reported their accounts were accessed by cyber criminals who used their highly privileged access and drain PayPal and bank accounts. On Sunday, TeamViewer spokesman Axel Schmidt acknowledged to Ars that the number of takeovers was "significant," but he continued to maintain that the compromises are the result of user passwords that were compromised through a cluster of recently exposed megabreaches involving more than 642 million passwords belonging to users of LinkedIn, MySpace, and other services.

So if you have a TeamViewer account the hackers news have put together the steps that you should take to make sure that you are secure, see below.

Here's What you should do:

TeamViewer users are strongly recommended to change their account passwords and use a strong one, and of course, NOT to use the same credentials across multiple sites.

I know, remembering different passwords for different accounts is a real pain, but you can use a good password manager to solve this issue.

Meanwhile, users should also ensure their TeamViewer accounts are protected with a randomly generated password that is at least 10 characters long, contains numbers, symbols, and uppercase and lowercase letters, and is unique.

It is always a good idea to run the TeamViewer software only when it's truly needed, instead of allowing it to auto-start each time your PC is turned on.