What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityWeek.webp 2021-01-08 15:21:31 SolarWinds Taps Firm Started by Ex-CISA Chief Chris Krebs, Former Facebook CSO Alex Stamos (lien direct) SolarWinds Hires New Cybersecurity Firm Founded by Former CISA Director Chris Krebs and Alex Stamos, Former Security Chief at Yahoo and Facebook Yahoo Yahoo
SecurityWeek.webp 2019-10-01 13:24:45 Former Yahoo Programmer Pleads Guilty to Hacking User Accounts (lien direct) A former Yahoo software engineer has admitted in court to hacking into the accounts of thousands of the platform's users. The man, Reyes Daniel Ruiz, 34, of Tracy, California, pleaded guilty to accessing about 6,000 Yahoo accounts, in search of private and personal records, mainly sexual images and videos.  Guideline Yahoo
SecurityWeek.webp 2019-09-06 15:32:04 Industry Reactions to Iranian Mole Planting Stuxnet: Feedback Friday (lien direct) Yahoo News reported this week that an Iranian mole recruited by Dutch intelligence helped the United States and Israel sabotage Iran's nuclear program by planting the Yahoo
SecurityWeek.webp 2019-02-22 07:14:00 Researcher Earns $10,000 for Another XSS Flaw in Yahoo Mail (lien direct) A researcher says he has discovered yet another critical cross-site scripting (XSS) vulnerability in Yahoo Mail. The recently patched flaw could have been exploited to steal the targeted user's emails and attach malicious code to their outgoing messages. Vulnerability Yahoo
SecurityWeek.webp 2019-01-30 18:57:04 Yahoo Breach Settlement Rejected by Judge (lien direct) A U.S. judge has rejected the settlement between Yahoo and users impacted by the massive data breaches suffered by the company, citing, among other things, inadequate disclosure of the settlement fund and high attorney fees. Yahoo
SecurityWeek.webp 2018-10-24 14:58:01 Yahoo to Pay $50M, Other Costs for Massive Security Breach (lien direct) Yahoo has agreed to pay $50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the biggest security breach in history. Yahoo
SecurityWeek.webp 2018-09-18 05:08:03 Altaba Settles Yahoo Breach Lawsuits for $47 Million (lien direct) Altaba, the investment company that resulted from Verizon's $4.5 billion acquisition of Yahoo's Internet business last year, has agreed to settle consumer class action lawsuits triggered by the massive data breaches suffered by Yahoo in the past years. Yahoo
SecurityWeek.webp 2018-08-27 17:07:03 Cyber Risk = Business Risk. Time for the Business-Aligned CISO (lien direct) Data breaches, ransomware and other cyber attacks causing massive reputation issues (Equifax), knocking down merger prices (Yahoo!) or interrupting operations on a global scale (the NotPetya virus victims), have elevated cybersecurity concerns from the server room to the boardroom. Ransomware NotPetya Equifax Yahoo
SecurityWeek.webp 2018-05-30 04:54:03 Accused Yahoo Hacker Gets Five Years in Prison, Fine (lien direct) A man accused of taking part in devastating cyberattacks on Yahoo for Russian intelligence agents was sentenced Tuesday to five years in prison in a plea bargain with prosecutors. Guideline Yahoo
SecurityWeek.webp 2018-04-25 02:28:00 $35 Million Penalty for Not Telling Investors of Yahoo Hack (lien direct) US securities regulators on Tuesday announced that Altaba will pay a $35 million penalty for not telling them hackers had stolen Yahoo's "crown jewels." Yahoo
SecurityWeek.webp 2018-03-29 21:50:00 Under Armour Says 150 Million Affected in Data Breach (lien direct) Under Armour Data Breach Impacts 150 Million Users. Sports gear maker Under Armour said Thursday that its fitness application was hacked, affecting some 150 million user accounts. The Baltimore, Maryland-based company said it had contacted law enforcement and outside consultants after learning of the breach. Under Armour said it learned on March 25 of the breach of its MyFitnessPal application, which enables users to track activity and calorie intake using a smartphone. It said an unauthorized party obtained usernames, email addresses, and "hashed" passwords, which make it harder for a hacker to ascertain. The hack did not affect social security numbers, driver's licenses or credit card data, according to the company. "The company's investigation is ongoing, but indicates that approximately 150 million user accounts were affected by this issue," a statement said. Users were being notified by email and messaging to update settings to protect account information. The attack is the latest affecting companies with large user bases such as Yahoo, retailer Target and credit reporting agency Equifax. Equifax Yahoo
SecurityWeek.webp 2018-03-23 12:42:03 Pwner of a Lonely Heart: The Sad Reality of Romance Scams (lien direct) Valentine's Day is a special holiday, but for victims of romance scams it is a tragic reminder, not only of love lost, but financial loss as well. According to the FBI Internet Crime Complaint Center (IC3), romance scams accounted for $230 million in losses in 2016. Men and women may jokingly refer to their significant other as their “partner in crime,” but when it comes to romance scams, this joke may become a sad reality. In addition to financial losses, many scammers may convince their victims to become money mules or shipping mules, directly implicating them in illegal behavior. Recently, Agari researchers identified a woman in Los Angeles who has sent nearly half a million dollars to a scammer that she has never even met. Even worse, this woman knowingly cashes bad checks and fake money orders on his behalf. The FBI has warned her to stop, yet it is unlikely she will do so. The victims of romance scams are typically women in their 40s to 50s, usually divorced or widowed and looking for a new relationship. They are targeted by scam artists on dating web sites, who have the ability to refine their searches for women that fit their target demographics. The scam artists create profiles of charming and successful men to engage these lonesome women. Dating sites frequently ask what women are looking for in a partner, so it is easy for the scammer to say exactly what they need to seem like “Mr. Right.” Once these scammers engage with their victims, there is inevitably a variety of excuses why they can't meet – claims of overseas military service or mission trips are common, and help to further cement the supposed righteousness of the scammer. After a few months of correspondence, the scammer will claim a supposed tragedy: a lost paycheck or medical fees are common – and request a small loan.
The typical loss in these scams is $14,000, not to mention the considerable psychological damage – victims of romance scams frequently withdraw from their social circles, embarrassed by the stigma. Even worse, as in the case of our anonymous victim, some of these scams can continue for years, with frequent requests for financial support. Once trust is established with their victims, these scammers may also begin to use them as “mules” to cash fake checks, make deposits, accept shipment of stolen goods, and more. In the case of our anonymous victim, her family has pleaded with her to stop sending her suitor more money, and the FBI has warned her that her behavior is illegal; and yet she persists. Guideline Equifax Yahoo
SecurityWeek.webp 2018-03-20 00:34:03 Facebook Security Chief Changes Role to Focus on Election Fraud (lien direct) Facebook's chief of security late Monday said his role has shifted to focusing on emerging risks and election security at the global social network, which is under fire for letting its platform be used to spread bogus news and manipulate voters. Alex Stamos revealed the change in his role at work after a New York Times report that he was leaving Facebook in the wake of internal clashes over how to deal with the platform being used to spread misinformation. "Despite the rumors, I'm still fully engaged with my work at Facebook," Stamos said in a message posted at his verified Twitter account. "It's true that my role did change. I'm currently spending more time exploring emerging security risks and working on election security." Stamos advocated investigating and revealing manipulation of news at the social network by Russian entities, to the chagrin of chief operating officer Sheryl Sandberg and other top executives, the Times reported, citing unnamed current and former employees. Stamos reportedly decided in December he was done with Facebook, but remained at the social network as part of a plan to smoothly hand his job off to a successor. Neither Facebook nor Stamos directly commented on how long he intended to remain at the company, referring to his tweet in response to queries. Word from Stamos came as the California-based social media giant faced an onslaught of criticism at home and abroad over revelations that a firm working for Donald Trump's presidential campaign harvested and misused data on 50 million members. Calls for investigations came on both sides of the Atlantic after Facebook responded to the explosive reports of misuse of its data by suspending the account of Cambridge Analytica, a British firm hired by Trump's 2016 campaign. 
Vera Jourova, the European commissioner for justice, consumers and gender equality, called the revelations "horrifying, if confirmed," and vowed to address concerns in the United States this week. In Britain, parliamentary committee chair Damian Collins said both Cambridge Analytica and Facebook had questions to answer. According to a joint investigation by the Times and Britain's Observer, Cambridge Analytica was able to create psychological profiles on 50 million Facebook users through a personality prediction app downloaded by 270,000 people, but also scooped up data from friends. A Cambridge Analytica statement denied misusing Facebook data for the Trump campaign. Facebook said Yahoo
SecurityWeek.webp 2018-03-19 05:23:04 Hacker Adrian Lamo Dies at Age 37 (lien direct) Adrian Lamo, the former hacker best known for breaching the systems of The New York Times and turning in Chelsea Manning to authorities, has died at age 37. His passing was announced on Friday by his father, Mario Lamo, on the Facebook page of the 2600: The Hacker Quarterly magazine. “With great sadness and a broken heart I have to let know all of Adrian's friends and acquaintances that he is dead. A bright mind and compassionate soul is gone, he was my beloved son…” he wrote. Lamo had been living in Wichita, Kansas, and he was found dead in an apartment on Wednesday. The cause of death is not known, but representatives of local police said they had found nothing suspicious, The Wichita Eagle reported. Lamo broke into the systems of companies such as Yahoo, AOL, Comcast, Microsoft and The New York Times in an effort to demonstrate that they had been vulnerable to hacker attacks. He was arrested in 2003 and in early 2004 he pleaded guilty to computer crimes against Microsoft, The New York Times, and data analytics provider LexisNexis. He was sentenced to six months' detention at the home of his parents. Lamo drew criticism in 2010 after he reported Chelsea Manning (at the time U.S. Army intelligence analyst Bradley Manning) to the Army for leaking a massive amount of classified documents to WikiLeaks. Guideline Yahoo
SecurityWeek.webp 2018-03-15 13:44:05 (Déjà vu) The Latest Strains of Attacks on the Pharmaceutical and Healthcare Sector (lien direct) Cyber Attacks Continue to Plague the Pharmaceutical and Healthcare Industries That Remain Lucrative Targets. Schools were shut down due to high levels of absences and for sanitation purposes. Medical facilities were overflowing with patients. Visitor restrictions at hospitals and nursing facilities were in full force. Thankfully the flu season is starting to wind down, but this has been a particularly nasty episode. Several reasons have been cited, including the circulation of a particularly severe form of the flu virus that can cause more health complications, as well as local shortages and limited effectiveness of vaccines and antiviral medications against certain strains. But these aren't the only types of attacks that the pharmaceutical and healthcare sectors have had to contend with. Cyber attacks, campaigns and security incidents continue to plague these industries that remain lucrative targets primarily because of the type of information they hold, including personal health information (PHI) such as medical records and insurance information, personally identifiable information (PII), and financial information. The value of this data to financially-motivated threat actors is evident from continued extortion attempts against companies in this sector and data breaches. Let's look at a few recent examples. ● Extortion attacks, the now infamous ransomware attacks we read about daily, are affecting all sectors, and healthcare and pharmaceutical companies are not immune. The personal and sensitive information they hold offers lucrative opportunities for threat actors to conduct identity theft, fraud and sell data to other threat actors. Last October the threat actor, thedarkoverlord, appears to have been hard at work.
A U.S.-based clinic was the target of an attempted extortion attack following a data breach that contained PII and some health-related information. The threat group mentioned the attack on Twitter but there has been no indication that the data has been publicly released. Around the same time, there was another report of a U.K.-based healthcare clinic that suffered a data breach and received an extortion demand from thedarkoverlord. An unspecified amount of data was reportedly stolen, which included PII, as well as pre- and post-operative photographs. As in the first case, there has been no indication that the data is widely available – yet. These are just two examples of the repeated attacks by thedarkoverlord against healthcare organizations. While details aren't clear as to how they are able to gain access to victims' networks, they have alluded to using zero-day exploits in remote desktop protocol (RDP) servers.  ● Data breaches can have long-lasting impacts on organizations and individuals. Just consider the Yahoo breaches if you have any doubts. In the healthcare industry we see the same thing. Late last year the HaveIBeenPwned website added approximately four million records from Malaysian websites to its data repository. The data was obtain Yahoo
SecurityWeek.webp 2018-01-26 05:19:18 Former Yahoo CISO Bob Lord Joins DNC (lien direct) Former Yahoo chief information security officer Bob Lord has been appointed chief security officer at the Democratic National Committee (DNC), the formal governing body for the United States Democratic Party. Yahoo
SecurityWeek.webp 2017-12-07 18:32:22 The Cumulative Effect of Major Breaches: The Collective Risk of Yahoo & Equifax (lien direct) Until quite recently, people believed that a dizzying one billion accounts were compromised in the 2013 Yahoo! breach… and then it was revealed that the real number is about three billion accounts.  That raises the question: so what? Isn't all the damage from a four-year-old breach already done? Equifax Yahoo
SecurityWeek.webp 2017-11-29 18:39:21 Canadian Pleads Guilty to Hacking Yahoo (lien direct) A 22-year-old Canadian national accused of carrying out attacks on Yahoo pleaded guilty on Tuesday to charges returned by a grand jury in the Northern District of California in February 2017. Guideline Yahoo ★★★
SecurityWeek.webp 2017-10-04 02:54:30 2013 Hack Hit All 3 Billion Yahoo Accounts: Company (lien direct) Massive Breach Hits Yahoo Yahoo
SecurityWeek.webp 2017-08-18 19:56:16 Accused Yahoo Hacker to be Handed Over to U.S. Marshals (lien direct) A Canadian man accused of carrying out devastating cyberattacks on Yahoo waived his right to an extradition hearing on Friday and will soon be handed over to US marshals. Yahoo
SecurityWeek.webp 2017-06-05 16:41:54 Yahoo Pays Out Thousands of Dollars for Serious Flaws (lien direct) Yahoo has awarded thousands of dollars to a couple of researchers who managed to find serious vulnerabilities in the company's systems. The bug bounty hunters published blog posts over the weekend describing their findings. Yahoo
SecurityWeek.webp 2017-05-23 02:38:02 Yahoo Ditching ImageMagick Highlights Issues in Bug Responsibility Ecosystem (lien direct) ImageMagick, an open source command line graphics file editor, has been retired by one of its major consumers: Yahoo. The product has been beset by flaws and bugs for several years, but this appears to have been one too many for Yahoo. Following discovery of a bleed vulnerability, Yahoo fixed it by retiring the product. Yahoo
SecurityWeek.webp 2017-05-08 18:05:39 Yahoo Paid Out $2 Million in Bug Bounty Program (lien direct) Yahoo reported on Monday that between the launch of its bug bounty program in 2013 and December 2016 it had paid out a total of more than $2 million. Yahoo
SecurityWeek.webp 2017-05-01 13:07:45 Yahoo Awards $7,000 for Flickr Account Hijacking Flaws (lien direct) A bug bounty hunter has earned $7,000 from Yahoo for finding vulnerabilities in the company's image and video hosting service Flickr. Yahoo
SecurityWeek.webp 2017-03-17 19:27:52 Kremlin Denies Involvement after Yahoo Cyberattack Charges (lien direct) The Kremlin on Thursday denied any official Russian involvement in cybercrimes after the US indicted two FSB intelligence agents over cyberattacks on Yahoo that compromised 500 million accounts. Yahoo
SecurityWeek.webp 2017-03-15 18:17:23 U.S. Government Indicts Two Russian FSB Officers Over Yahoo Hack (lien direct) U.S. Government Indicts Four Over 2014 Yahoo Hack, Including Two Russian FSB Officers Yahoo
SecurityWeek.webp 2017-03-02 09:54:24 Forged Cookie Attack Affected 32 Million Yahoo Users (lien direct) The recently disclosed security incident involving forged cookies affected 32 million user accounts, Yahoo said in its annual filing to the U.S. Securities and Exchange Commission (SEC). Yahoo
SecurityWeek.webp 2017-02-22 16:51:20 Yahoo Slashes Price of Verizon Deal $350 Million After Data Breaches (lien direct) NEW YORK - Yahoo slashed the price of the sale of its core Internet business to Verizon by $350 million following a pair of major data breaches at Yahoo, the two companies announced Tuesday. Yahoo
SecurityWeek.webp 2017-02-15 21:17:27 Yahoo Notifies Users of Sophisticated Breach Methods (lien direct) Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords. Yahoo
SecurityWeek.webp 2017-01-23 22:06:35 Sale of Core Yahoo Assets to Verizon Delayed (lien direct) Yahoo Sale to Verizon Delayed Yahoo
SecurityWeek.webp 2017-01-23 13:15:33 Yahoo Faces SEC Probe into Breach Disclosures (lien direct) In November 2016 Yahoo announced that it was cooperating with federal, state and foreign agencies, including the US Securities and Exchange Commission (SEC), who were seeking information on the data breaches also announced during 2016. In December, the SEC issued requests for relevant documents from Yahoo, and Yahoo is now reported to be under investigation. Yahoo
SecurityWeek.webp 2016-12-15 17:58:42 Yahoo Hack Shows Data's Use for Information Warfare (lien direct) The 2013 hack affecting a billion Yahoo users shows how seemingly innocuous bits of data gleaned from cyber attacks can be exploited for espionage and information warfare, as well as for profit. Yahoo ★★★★★
SecurityWeek.webp 2016-12-14 22:55:31 Yahoo Says Newly Discovered Hack Hit 1 Billion Accounts (lien direct) 1 Billion Yahoo Accounts Hacked Yahoo
SecurityWeek.webp 2016-12-09 12:35:06 Yahoo Pays Out $10,000 Bounty for Critical Mail Flaw (lien direct) A researcher has earned $10,000 for finding a critical Yahoo! Mail vulnerability that could have been exploited simply by getting the targeted user to open a specially crafted email. Yahoo
SecurityWeek.webp 2016-11-10 03:09:58 Yahoo Reveals More Details About Massive Hack (lien direct) Massive Breach Hits Yahoo Yahoo
SecurityWeek.webp 2016-10-28 15:06:48 EU Regulators Raise Concerns over Yahoo and WhatsApp (lien direct) European data protection regulators have written to both WhatsApp and Yahoo. With Yahoo, the concerns center around the breach and theft of 500 million user accounts, and sharing content with the US government. The WhatsApp concern is over sharing EU personal data with US Facebook. In both cases the issues will be discussed in November. Yahoo
SecurityWeek.webp 2016-10-19 23:30:11 Yahoo Calls for 'Transparency' From U.S. Spy Agencies (lien direct) Yahoo asked US spy agencies Wednesday to offer public "transparency" about data they make internet companies provide on users and to declassify any secret order served on the company. Yahoo
SecurityWeek.webp 2016-10-17 17:02:33 US Lawmakers Seek Answers on Yahoo Email Scanning (lien direct) U.S. lawmakers want the Department of Justice and the Office of the Director of National Intelligence to provide clarifications on the reports about Yahoo being asked to scan its customers' emails. Yahoo
SecurityWeek.webp 2016-10-13 20:45:01 Verizon Says Massive Yahoo Hack Could Impact Deal (lien direct) Verizon said Thursday the massive breach affecting 500 million Yahoo customers could have a "material" effect on the $4.8 billion deal to acquire key assets of the Internet group. Yahoo ★★★★★
SecurityWeek.webp 2016-10-13 15:48:53 Another Potential Victim of the Yahoo! Breach: Federated Login (lien direct) Password proliferation is bad, for many, many, many reasons. But the worst reason is that people tend to re-use passwords all over the place. Yahoo
SecurityWeek.webp 2016-10-05 16:10:02 Amid Privacy Outcry, Yahoo Denies Surveillance Allegations (lien direct) Yahoo on Wednesday denied conducting mass email surveillance after a report alleging it built a special scanning program at the behest of US intelligence which sparked an outcry from privacy activists. The report, which said the US internet giant had secretly scanned millions of emails to help American intelligence, was "misleading," Yahoo said in a statement. Guideline Yahoo
SecurityWeek.webp 2016-09-30 14:50:37 Yahoo! Doesn't Revoke iOS Mail Access After Password Change (lien direct) Users resetting their Yahoo! passwords might also want to check the list of authorized apps and devices, because iOS Mail will continue to have access to the account even after a password reset, researchers discovered. Yahoo
SecurityWeek.webp 2016-09-29 09:21:26 Leak of 200 Million Yahoo Accounts Linked to 2014 Hack (lien direct) An investigation conducted into the two Yahoo security incidents disclosed recently revealed the existence of a connection and led researchers to believe that the claim of 200 million accounts being stolen in 2012 is likely false. Yahoo
SecurityWeek.webp 2016-09-26 16:34:09 Users File Lawsuit Against Yahoo Over Data Breach (lien direct) Several class actions have been filed against Yahoo in California and Illinois over the recently disclosed data breach that affected at least 500 million accounts. Yahoo
SecurityWeek.webp 2016-09-26 11:13:13 UK Man Involved in 2012 Yahoo Hack Sentenced to Prison (lien direct) The U.K. National Crime Agency (NCA) announced last week that one of the members of an international cybercrime group has been given a two-year jail sentence. Yahoo
SecurityWeek.webp 2016-09-24 23:14:41 Russia? China? Who Hacked Yahoo, and Why? (lien direct) Yahoo's claim that it is the victim of a gigantic state-sponsored hack raises the question of whether it is the latest target for hackers with the backing of Russia, China or even North Korea, experts say. Yahoo
SecurityWeek.webp 2016-09-23 13:10:30 Yahoo! Pressed to Explain Massive 'State Sponsored' Hack (lien direct) Yahoo! Pressed to Explain Massive 'State Sponsored' Hack Yahoo
SecurityWeek.webp 2016-09-23 12:14:35 Yahoo Pressed to Explain Huge 'State Sponsored' Hack (lien direct) Massive Breach Hits Yahoo. Yahoo faced pressure Friday to explain how it sustained a massive cyber-attack -- one of the biggest ever, and allegedly state-sponsored -- allowing hackers to steal data from half a billion users two years ago. Yahoo
SecurityWeek.webp 2016-09-22 19:08:03 Yahoo Confirms Massive Data Breach of 500 Million Accounts (lien direct) Following rumors that an announcement was soon to come, Yahoo! said Thursday that hackers managed to access data from at least 500 million user accounts in a cyberattack dating back to 2014. Yahoo
SecurityWeek.webp 2016-08-02 17:10:04 Hacker Selling Credentials of 200 Million Yahoo Users (lien direct) A hacker claims to possess 200 million Yahoo user accounts and he is offering to sell the information on a dark web cybercrime marketplace for a few Bitcoins. Yahoo
Last update at: 2024-05-19 00:07:50