What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_State_of_Security.webp 2018-12-21 12:20:05 Phishers Bypassing 2FA to Compromise Google and Yahoo Accounts (lien direct) Phishers are bypassing common forms of two-factor authentication (2FA) in a campaign targeting hundreds of Google and Yahoo accounts. In a new report, Amnesty International uses several attack emails sent to it by Human Rights Defenders (HRDs) spread across the Middle East and North Africa to analyze the campaign. A typical attack email in this […] Yahoo
ZDNet.webp 2018-12-20 09:50:05 Hacker spoofing bypasses 2FA security in Gmail, targets secure email services (lien direct) Google, Yahoo, and ProtonMail accounts are being targeted in a new wave of phishing attacks. Yahoo
zataz.webp 2018-12-15 12:07:04 Charming Kitten, Iranian hackers, infiltrate the Gmail and Yahoo accounts of US officials (lien direct) Charming Kitten, a group of Iranian hackers, is attempting to infiltrate the email accounts of American officials by bypassing the two-factor authentication offered by the two webmail services. The British company Certfa reports that Iranian hackers have reportedly managed to infilt... Conference Yahoo APT 35
The_State_of_Security.webp 2018-12-04 04:01:04 Read All About It: The Breaches That Won't Make the Headlines (lien direct) It's been a busy few months for those tracking cybersecurity breaches. Considering that this quarter alone has seen headlines for British Airways identifying additional victims behind its already significant breach, Facebook's massive messaging leak and Yahoo's significant payout related to earlier data breaches, there are plenty of high profile cases that reinforce the importance of […] Yahoo
Blog.webp 2018-12-03 08:47:02 MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks (lien direct) I have a Yahoo email account, I've shopped at Home Depot and Target, my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management, I've had insurance coverage from Premera Blue Cross and I've stayed at the Marriott Marquis in […] Yahoo
Pirate.webp 2018-11-30 16:45:01 Marriott hit by a massive personal data breach (lien direct) The Marriott group has just disclosed a massive data breach said to affect nearly 500 million of its customers, something not seen since the famous Yahoo! case. Yahoo
ZDNet.webp 2018-11-07 16:07:00 IoT botnet infects 100,000 routers to send Hotmail, Outlook, and Yahoo spam (lien direct) Botnet infects routers and uses them to relay connections to webmail services. Spam Yahoo
bleepingcomputer.webp 2018-11-05 22:05:01 Yes! Aol Mail Is Down for the Past Two Hours (lien direct) Reports have been coming in for the past 2 hours that AOL Mail is down. It is not currently known what is causing the outage, but the AOL Customer Support Twitter account has stated that the company is looking into issues with both AOL and Yahoo. [...] Yahoo
SecurityAffairs.webp 2018-11-05 19:29:04 Google dorks were the root cause of a catastrophic compromise of CIA's communications (lien direct) Google queries allowed the Iranian government to dismantle the CIA communication network used by its agents and kill dozens of spies. The alleged hack of the communications network used by CIA agents allowed Iranian intelligence to identify and kill at least 30 spies. According to Yahoo! News, the security breach happened in 2009, the Iranian […] Hack Yahoo
SecurityWeek.webp 2018-10-24 14:58:01 Yahoo to Pay $50M, Other Costs for Massive Security Breach (lien direct) Yahoo has agreed to pay $50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the biggest security breach in history. Yahoo
TechWorm.webp 2018-10-24 12:10:01 Yahoo agrees to pay $50M to users hit by biggest ever data breach (lien direct) Yahoo agrees to pay $50 million in data-breach settlement and give affected users free credit monitoring services Yahoo has agreed to pay $50 million in data-breach settlement to 200 million victims of what is believed to be the biggest data breach ever. The company will also provide two years of free credit-monitoring services to these […] Data Breach Yahoo
The_State_of_Security.webp 2018-10-24 11:22:04 (Déjà vu) Yahoo Agrees to Pay $50 Million in Damages to Settle Data Breach Lawsuit (lien direct) Yahoo has agreed to pay $50 million to help settle a lawsuit that seeks to hold the company responsible for a data breach the company suffered several years ago. On 23 October, Yahoo said it would pay $50 million and provide two years of free credit-monitoring services to 200 million people whose email addresses and […] Data Breach Yahoo
ZDNet.webp 2018-10-24 09:18:04 Yahoo agrees to pay $50 million to settle data breach lawsuit (lien direct) The company will also provide free credit monitoring services to roughly 200 million people impacted by the cyberattacks. Data Breach Yahoo
no_ico.webp 2018-09-18 19:51:01 Altaba To Settle Lawsuits Relating To Yahoo Data Breach For $47 Million – Victory For Yahoo Legal Team (lien direct) Following the news about the Yahoo data breach for $47 million, Ilia Kolochenko, CEO of web security company at High-Tech Bridge commented below. Ilia Kolochenko, CEO at High-Tech Bridge: “Class actions are known to provide their members with very modest compensation compared to individual lawsuits. The settlement (subject to approval by court) makes slightly above … Data Breach Yahoo
SecurityWeek.webp 2018-09-18 05:08:03 Altaba Settles Yahoo Breach Lawsuits for $47 Million (lien direct) Altaba, the investment company that resulted from Verizon's $4.5 billion acquisition of Yahoo's Internet business last year, has agreed to settle consumer class action lawsuits triggered by the massive data breaches suffered by Yahoo in the past years. Yahoo
SecurityWeek.webp 2018-08-27 17:07:03 Cyber Risk = Business Risk. Time for the Business-Aligned CISO (lien direct) Data breaches, ransomware and other cyber attacks causing massive reputation issues (Equifax), knocking down merger prices (Yahoo!) or interrupting operations on a global scale (the NotPetya virus victims), have elevated cybersecurity concerns from the server room to the boardroom. Ransomware NotPetya Equifax Yahoo
WiredThreatLevel.webp 2018-06-15 16:44:01 Can Verizon Build a Strong Brand From the Bones of Yahoo and AOL? (lien direct) Verizon has united two faded names from internet 1.0 under its Oath brand. Now it needs a strategy. Yahoo ★★★
ZDNet.webp 2018-06-13 10:11:00 Yahoo fined £250,000 by UK watchdog over data breach (lien direct) Updated: The ICO says Yahoo had "ample opportunity" to secure data belonging to UK customers, but failed to do so. Yahoo
BBC.webp 2018-06-12 16:45:03 Yahoo fined £250,000 over cyber-attack (lien direct) The fine relates to a data breach in 2014 which affected more than 500,000 Yahoo customers. Yahoo
bleepingcomputer.webp 2018-06-08 11:48:00 Yahoo Messenger Now Joins the List of Discarded Chat Programs (lien direct) Yahoo announced today that its Yahoo Messenger chat program is being discontinued on July 17th 2018. They are now directing users towards their Squirrel chat app that is currently in beta. [...] Yahoo
Kaspersky.webp 2018-05-30 17:32:00 Yahoo Hacker Sentenced; Coke Opens Up a Can of Data Breach (lien direct) Fortune 500 breaches seem to be a theme this week. Yahoo
grahamcluley.webp 2018-05-30 13:10:05 Jail for the man who helped Russia hack Yahoo's email accounts (lien direct) A hacker who lived the high life with expensive cars has been sentenced to jail for his part in a serious security breach at Yahoo. Read more in my article on the Hot for Security blog. Yahoo
SecurityWeek.webp 2018-05-30 04:54:03 Accused Yahoo Hacker Gets Five Years in Prison, Fine (lien direct) A man accused of taking part in devastating cyberattacks on Yahoo for Russian intelligence agents was sentenced Tuesday to five years in prison in a plea bargain with prosecutors. Guideline Yahoo
The_Hackers_News.webp 2018-05-30 00:30:03 Yahoo Hacker linked to Russian Intelligence Gets 5 Years in U.S. Prison (lien direct) A 23-year-old Canadian man, who pleaded guilty last year for his role in helping Russian government spies hack into email accounts of Yahoo users and other services, has been sentenced to five years in prison. Karim Baratov (a.k.a Karim Taloverov, a.k.a Karim Akehmet Tokbergenov), a Kazakhstan-born Canadian citizen, was also ordered on Tuesday by United States Judge Vince Chhabria to pay a Guideline Yahoo
bleepingcomputer.webp 2018-05-30 00:15:00 Hacker Who Worked With FSB Agents in Email Hacks Gets 5 Years in Prison (lien direct) A 23-year-old Canadian man who hacked into Yahoo and Gmail accounts on behalf of Russian Secret Service (FSB) agents was sentenced to five years in prison and a fine of $250,000. [...] Yahoo
Pirate.webp 2018-05-03 16:51:01 Yahoo! Fined 35 Million USD For Late Disclosure Of Hack (lien direct) Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 years delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public – Massive Yahoo Hack – 500 Million Accounts Compromised. Yahoo! has been having a rocky time for quite a few years now and just recently has sold Flickr to SmugMug for an undisclosed amount, I hope that at least helps pay off some of the fine. Yahoo
01net.webp 2018-05-03 04:32:03 Tech giants united to defend strong encryption (lien direct) Apple, Facebook, Google, Microsoft, Twitter and Yahoo want at all costs to avoid the installation of backdoors imposed by government agencies to fight terrorism. Yahoo
ZDNet.webp 2018-05-02 15:34:00 Tech giants hit by NSA spying slam encryption backdoors (lien direct) The tech coalition includes Apple, Facebook, Google, Microsoft, and Verizon and Yahoo's parent company Oath - all of which were hit by claims of complicity with US government's surveillance. Yahoo
AlienVault.webp 2018-04-27 13:00:00 Things I Hearted this Week, 27th April 2018 (lien direct) Master Keys F-Secure researchers have found that global hotel chains and hotels worldwide are using an electronic lock system that could be exploited by an attacker to gain access to any room in the facility. The design flaws discovered in the lock system’s software, which is known as Vision by VingCard and used to secure millions of hotel rooms worldwide, have prompted the world’s largest lock manufacturer, Assa Abloy, to issue software updates with security fixes to mitigate the issue. Researchers Find Way to Create Master Keys to Hotels | F-Secure A ONE-MINUTE ATTACK LET HACKERS SPOOF HOTEL MASTER KEYS | Wired SEC Fines Yahoo $35 Million The company formerly known as Yahoo is paying a $35 million fine to resolve federal regulators’ charges that the online pioneer deceived investors by failing to disclose one of the biggest data breaches in internet history. The Securities and Exchange Commission announced the action Tuesday against the company, which is now called Altaba after its email and other digital services were sold to Verizon Communications for $4.48 billion last year. Yahoo, which is no longer publicly traded, neither admitted nor denied the allegations but did agree to refrain from further violations of securities laws. SEC Fines Yahoo $35 Million for Data Breach That Affected 500 Million Users | Bleeping Computer Company Formerly Known As Yahoo Pays $35M Fine Over 2014 Hack | CBS SF SOCs require automation to avoid analyst fatigue for emerging threats SecOps needs an immediate shift across industries. Some SecOps teams develop playbooks for an additional layer of training, but when security events occur, it is uncommon to follow every step a playbook describes. The data becomes overwhelming and the resulting alert fatigue leads to analysts overlooking threats entirely, leading to an increase in emerging threats. 
SOCs require automation to avoid analyst fatigue for emerging threats | HelpNetSecurity On the topic incident response, I enjoyed this piece by Steve Ragan, Two incident response phases most organizations get wrong | CSO Online Also related: How to Build a Cybersecurity Incident Response Plan | Dark Reading The Seven Circles of Security An insightful post from a CISO highlighting where most of their time is spent. Number six will shock you! Well, it probably won’t, but a little clickbait never hurt did it? The Seven Circles of Security: Where This CISO Spends Her Time | Guideline Yahoo
SecurityWeek.webp 2018-04-25 02:28:00 $35 Million Penalty for Not Telling Investors of Yahoo Hack (lien direct) US securities regulators on Tuesday announced that Altaba will pay a $35 million penalty for not telling them hackers had stolen Yahoo's "crown jewels." Yahoo
no_ico.webp 2018-04-24 18:52:00 $35M for Covering up A Breach (lien direct) “The remains of Yahoo just got hit with a $35 million fine because it didn’t tell investors about Russian hacking.” The headline says most of it, but importantly, “‘We do not second-guess good faith exercises of judgment about cyber-incident disclosure. But we have also cautioned that a company’s response to such an event could be … Yahoo
bleepingcomputer.webp 2018-04-24 17:09:00 SEC Fines Yahoo $35 Million for Data Breach That Affected 500 Million Users (lien direct) The United States Securities and Exchange Commission has fined Yahoo (or what's left of the company) $35 million for failing to disclose a massive security breach that took place in 2014. [...] Yahoo
SecurityWeek.webp 2018-03-29 21:50:00 Under Armour Says 150 Million Affected in Data Breach (lien direct) Under Armour Data Breach Impacts 150 Million Users Sports gear maker Under Armour said Thursday a data breach of its fitness application was hacked, affecting some 150 million user accounts. The Baltimore, Maryland-based company said it had contacted law enforcement and outside consultants after learning of the breach. Under Armour said it learned on March 25 of the breach of its MyFitnessPal application, which enables users to track activity and calorie intake using a smartphone. It said an unauthorized party obtained usernames, email addresses, and "hashed" passwords, which make it harder for a hacker to ascertain. The hack did not affect social security numbers, drivers licenses or credit card data, according to the company. "The company's investigation is ongoing, but indicates that approximately 150 million user accounts were affected by this issue," a statement said. Users were being notified by email and messaging to update settings to protect account information. The attack is the latest affecting companies with large user bases such as Yahoo, retailer Target and credit reporting agency Equifax. Equifax Yahoo
SecurityWeek.webp 2018-03-23 12:42:03 Pwner of a Lonely Heart: The Sad Reality of Romance Scams (lien direct) Valentine's Day is a special holiday, but for victims of romance scams it is a tragic reminder, not only of love lost, but financial loss as well. According to the FBI Internet Crime Complaint Center (IC3), romance scams accounted for $230 million in losses in 2016. Men and women may jokingly refer to their significant other as their “partner in crime,” but when it comes to romance scams, this joke may become a sad reality. In addition to financial losses, many scammers may convince their victims to become money mules or shipping mules, directly implicating them in illegal behavior. Recently, Agari researchers identified a woman in Los Angeles that has sent nearly half a million dollars to a scammer that she has never even met. Even worse, this woman knowingly cashes bad checks and fake money orders on his behalf. The FBI has warned her to stop, yet it is unlikely she will do so. The victims of romance scams are typically women in their 40s to 50s, usually divorced or widowed and looking for a new relationship. They are targeted by scam artists on dating web sites, who have the ability to refine their searches for women that fit their target demographics. The scam artists create profiles of charming and successful men to engage these lonesome women. Dating sites frequently ask what women are looking for in a partner, so it is easy for the scammer to say exactly what they need to seem like “Mr. Right.” Once these scammers engage with their victims, there are an inevitable variety of excuses why they can't meet – claims of overseas military service or mission trips are common, and help to further cement the supposed righteousness of the scammer. After a few months of correspondence, the scammer will claim a supposed tragedy: a lost paycheck or medical fees are common – and request a small loan. 
The typical loss in these scams is $14,000, not to mention the considerable psychological damage – victims of romance scams frequently withdraw from their social circles, embarrassed by the stigma. Even worse, such as the case of our anonymous victim, some of these scams can continue on for years, with frequent requests for financial support. Once trust is established with their victims, these scammers may also begin to use them as “mules” to cash fake checks, make deposits, accept shipment of stolen goods, and more. In the case of our anonymous victim, her family has pleaded with her to stop sending her suitor more money, and the FBI has warned her that her behavior is illegal; and yet she persists. Guideline Equifax Yahoo
AlienVault.webp 2018-03-20 19:50:00 Cambridge Analytica Debacle -The Definition Of Breach (lien direct) Pretty much the motto of my profession is “word choice matters.” I say it a lot. It appears somewhere in the marginalia of pretty much everything I’ve ever edited. Words have denotation, and connotation. There are considerations for dialect, and for popular use. It can be fiddly and annoying to be queried so; I get it. You know what you meant, and you grabbed the word in your head that, to you, meant that thing. One of the glories of having your work edited is that someone who isn’t you can hold up a mirror, to make sure that the word on the page means as close as possible to what you meant in your head, to the greatest number of people, no matter where they’re from or what language they natively speak. Here at AlienVault, we’ve had some great discussions about the differences in connotation in different words between our Irish speakers, who learned Hiberno-English (which gets the hyphen when none of the others do), Chinese speakers, who learned British English, and Americans, who learned American English with intense regional dialect (the Texans and the Californians are occasionally mutually unintelligible.) But there’s one thing that none of us tolerate; the choosing of a word to deliberately mislead. When one works in fiction, one is used to the painting of pictures with words. When one chooses to work primarily in technology, it’s often because you’re way more comfortable with the nicely concrete, if entirely mutable. In technology, a thing is, or it is not. It’s variations on a theme of zeros and ones, no matter whether it’s software or hardware. It is therefore maddening beyond belief when the unambiguous words of technology are used to mislead the non-technical public. 
I’m of course talking about the Cambridge Analytica debacle, which is being referred to across the media landscape as “a data breach.” A data breach is when someone who is not authorized to handle specific information obtains access to that information. It’s a non-trivial failure of the security measures a responsible company or reasonable individuals would have in place. It implies wrongdoing, it implies malice, it implies a victim/attacker relationship. But when data is harvested and used with the unknowing opt-in of thousands of people, that’s not a breach. There are no hackers here; just people who knew how to use freely-given personal data to manipulate not very technically astute people to some political end. Lorenzo Franceschi-Bicchierai, as usual, gets it: We’ve been regularly covering data breaches for years. No one hacked into Facebook’s servers exploiting a bug, like hackers did when they stole the personal data of more than 140 million people from Equifax. No one tricked Facebook users into giving away their passwords and then stole their data, like Russian hackers did when they broke into the email accounts of John Podesta and others through phishing emails. Facebook obviously doesn't want the public to think it suffered a ma Guideline Equifax Yahoo
SecurityWeek.webp 2018-03-20 00:34:03 Facebook Security Chief Changes Role to Focus on Election Fraud (lien direct) Facebook's chief of security late Monday said his role has shifted to focusing on emerging risks and election security at the global social network, which is under fire for letting its platform be used to spread bogus news and manipulate voters. Alex Stamos revealed the change in his role at work after a New York Times report that he was leaving Facebook in the wake of internal clashes over how to deal with the platform being used to spread misinformation. "Despite the rumors, I'm still fully engaged with my work at Facebook," Stamos said in a message posted at his verified Twitter account. "It's true that my role did change. I'm currently spending more time exploring emerging security risks and working on election security." Stamos advocated investigating and revealing manipulation of news at the social network by Russian entities, to the chagrin of chief operating officer Sheryl Sandberg and other top executives, the Times reported, citing unnamed current and former employees. Stamos reportedly decided in December he was done with Facebook, but remained at the social network as part of a plan to smoothly hand his job off to a successor. Neither Facebook nor Stamos directly commented on how long he intended to remain at the company, referring to his tweet in response to queries. Word from Stamos came as the California-based social media giant faced an onslaught of criticism at home and abroad over revelations that a firm working for Donald Trump's presidential campaign harvested and misused data on 50 million members. Calls for investigations came on both sides of the Atlantic after Facebook responded to the explosive reports of misuse of its data by suspending the account of Cambridge Analytica, a British firm hired by Trump's 2016 campaign. 
Vera Jourova, the European commissioner for justice, consumers and gender equality, called the revelations "horrifying, if confirmed," and vowed to address concerns in the United States this week. In Britain, parliamentary committee chair Damian Collins said both Cambridge Analytica and Facebook had questions to answer. According to a joint investigation by the Times and Britain's Observer, Cambridge Analytica was able to create psychological profiles on 50 million Facebook users through a personality prediction app downloaded by 270,000 people, but also scooped up data from friends. A Cambridge Analytica statement denied misusing Facebook data for the Trump campaign. Facebook said Yahoo
AlienVault.webp 2018-03-19 13:00:00 DNS Poisoning and How To Prevent It (lien direct) DNS poisoning. Simply the name conjures up the kind of thoughts that keep network admins up at night. What if my RNDC key gets leaked? Could there be a rogue DHCP server within my perimeter? Are the Lizard Squad planning an attack on  for Christmas? Much of what we know now about DNS, address protocol, and packet priority is being redefined with the recent 'Net Neutrality' legislation. Instead of becoming a party to the hoopla that is partisan politics surrounding THAT issue, let me assure you there are many different mitigation strategies for not only securing your own network against DNS poisoning, but also working towards a harmonious kum-by-ah solution that in the end, may end up resolving (pun intended) the DNS plight. So, let's silence the alerting system, and get down to what DNS poisoning is, why it's still around, and one of the best ways to solve it. Why is DNS Poisoning Possible? The first thing to understand about DNS 'poisoning' is that the purveyors of the Internet were very much aware of the problem. Essentially, DNS requests are "cached", or stored, into a database which can be queried in almost real-time to point names like 'hotmail.com' or 'google.com' to their appropriate IP addresses. Can you imagine having to remember a string of numbers instead of a fancy name to get to your desired WWW (or GOPHER - if that's your thing) resources? 321.652.77.133 or 266.844.11.66 or even 867.53.0.9 would be very hard to remember. [Note: I have obfuscated REAL IP addresses with very fake ones here. Always trying to stay one step ahead of the AI Armageddon. Real IP addresses end with the numerical value of '255' within each octet.] No, remembering strings of numbers would be next to impossible. But thankfully, and all because of Al Gore (sarcasm) we have the DNS mechanism that gives us [relatively] easy names to remember how to get to our favorite resources. 
DNS basically runs the Internet. Without it, only the most uber-geeky of computer scientists would be able to traverse it.   Strings of numbers are just simply not how humans identify information. They help, but in reality, words and language are what separate us from our impending robotic overlords. It's because of this, that as the Internet began to grow, the DNS (Domain Name System) was created. To help us get from one side of the world to the other, with little angst. However, due to the limitations of computing (especially storage and bandwidth) at the time, the early versions of DNS simply used a "distributed" text file for name resolution. Think "blockchain" for EVERY SINGLE HOST that existed on the 'Net back then. It was a nicer and friendlier place, and that system worked well. Until it didn't, and some nice folks at ARIN and ICANN came along and began the system we use today: DNS. In its simplest explanation, DNS takes a name (e.g. yahoo.com) and looks at the locally configured 'Nameservers' for the "answer" to the question: 'What is the IP address of yahoo.com?'. Once an answer is found, it is passed back to the client requesting it, and the routing and magic of the TCP protocol kicks into gear, and the peasants rejoice. Except there are sometimes problems that arise that cause the peasants to NOT rejoice, and for network engineers to curse the vile notion of DNS. You see, since DNS arose during a time where "real-time" anything was not technically possible; to aid performance and allow for USABLE networks, DNS answers were logged into a locally stored 'cache' or database o Guideline Yahoo Uber
SecurityWeek.webp 2018-03-19 05:23:04 Hacker Adrian Lamo Dies at Age 37 (lien direct) Adrian Lamo, the former hacker best known for breaching the systems of The New York Times and turning in Chelsea Manning to authorities, has died at age 37. His passing was announced on Friday by his father, Mario Lamo, on the Facebook page of the 2600: The Hacker Quarterly magazine. “With great sadness and a broken heart I have to let know all of Adrian's friends and acquaintances that he is dead. A bright mind and compassionate soul is gone, he was my beloved son…” he wrote. Lamo had been living in Wichita, Kansas, and he was found dead in an apartment on Wednesday. The cause of death is not known, but representatives of local police said they had found nothing suspicious, The Wichita Eagle reported. Lamo broke into the systems of companies such as Yahoo, AOL, Comcast, Microsoft and The New York Times in an effort to demonstrate that they had been vulnerable to hacker attacks. He was arrested in 2003 and in early 2004 he pleaded guilty to computer crimes against Microsoft, The New York Times, and data analytics provider LexisNexis. He was sentenced to six months' detention at the home of his parents. Lamo drew criticism in 2010 after he reported Chelsea Manning (at the time U.S. Army intelligence analyst Bradley Manning) to the Army for leaking a massive amount of classified documents to WikiLeaks. Related: Bradley Manning Sentenced to 35 years Related: Famed Hacker Barnaby Jack Dies Days Before Black Hat Conference Guideline Yahoo
SecurityWeek.webp 2018-03-15 13:44:05 (Déjà vu) The Latest Strains of Attacks on the Pharmaceutical and Healthcare Sector (lien direct) Cyber Attacks Continue to Plague the Pharmaceutical and Healthcare Industries That Remain Lucrative Targets Schools were shut down due to high levels of absences and for sanitation purposes. Medical facilities were overflowing with patients. Visitor restrictions at hospitals and nursing facilities were in full force. Thankfully the flu season is starting to wind down, but this has been a particularly nasty episode. Several reasons have been cited, including the circulation of a particularly severe form of the flu virus that can cause more health complications, as well as local shortages and limited effectiveness of vaccines and antiviral medications against certain strains.  But these aren't the only types of attacks that the pharmaceutical and healthcare sectors have had to contend with. Cyber attacks, campaigns and security incidents continue to plague these industries that remain lucrative targets primarily because of the type of information they hold, including personal health information (PHI) such as medical records and insurance information, personally identifiable information (PII), and financial information. The value of this data to financially-motivated threat actors is evident by continued extortion attempts against companies in this sector and data breaches. Let's look at a few recent examples. ● Extortion attacks, the now infamous ransomware attacks we read about daily, are affecting all sectors and healthcare and pharmaceutical companies are not immune. The personal and sensitive information they hold, offer lucrative opportunities for threat actors to conduct identity theft, fraud and sell data to other threat actors.  Last October the threat actor, thedarkoverlord, appears to have been hard at work. 
A U.S.-based clinic was the target of an attempted extortion attack following a data breach that contained PII and some health-related information. The threat group mentioned the attack on Twitter but there has been no indication that the data has been publicly released. Around the same time, there was another report of a U.K.-based healthcare clinic that suffered a data breach and received an extortion demand from thedarkoverlord. An unspecified amount of data was reportedly stolen, which included PII, as well as pre- and post-operative photographs. As in the first case, there has been no indication that the data is widely available – yet. These are just two examples of the repeated attacks by thedarkoverlord against healthcare organizations. While details aren't clear as to how they are able to gain access to victims' networks, they have alluded to using zero-day exploits in remote desktop protocol (RDP) servers.  ● Data breaches can have long-lasting impacts on organizations and individuals. Just consider the Yahoo breaches if you have any doubts. In the healthcare industry we see the same thing. Late last year the HaveIBeenPwned website added approximately four million records from Malaysian websites to its data repository. The data was obtain Yahoo
Blog.webp 2018-03-14 07:10:01 MY TAKE: Why the SEC's reporting guidance, Yahoo's $80M payout will shake up board rooms (lien direct) The most encouraging thing about the U.S. Securities and Exchange Commission formally issuing cybersecurity reporting “guidance” for public companies last month was, ironically, commissioner Kara Stein's disappointment that her colleagues did not go much further. Related video: Howard Schmidt’s 2015 observations on board involvement Stein said she would have liked to have seen the commission […] Yahoo
AlienVault.webp 2018-03-13 13:00:00 Infosec Language Grows Up: The Bishop Fox Cybersecurity Style Guide (lien direct) On February 15, Bishop Fox released their Cybersecurity Style Guide. I am absolutely stoked for them, and for the arrival of what looks like a new era in InfoSec language consistency. I was lucky enough to get to speak to Technical Editor Brianne Hughes last week. “I polled the internal team,” she told me, “and got the https://willusingtheprefixcybermakemelooklikeanidiot.com/ sent back to me a few times. We need to be consistent as a department – Engineers want to know why, they want transparency, and they don’t want to be told what to do. We have lively dialog in the comments of our reports.” She went on to say, “InfoSec merges hacker slang and military jargon in a corporate setting, and it’s hard to find middle ground. The language itself is a kind of slang, and the point of slang is to identify in-groups and out-groups, so there’s definitely a border built up that we’re looking to poke holes in to facilitate future conversations.” Largely, those of us lucky enough to work for InfoSec companies enlightened enough to know that having editorial services available is a good thing, have mostly done our thing solo, and we’ve collected language that’s specific for our company. As a new editor in that position, there’s always that little moment of hesitation, where you try to decide what style guide to leverage. Microsoft, with its monolithic 1990’s tablet-down-from-the-mount style guide? Sun Microsystems, where once upon a time the collective Editorial staff met to decide the proper way to write “readme,” only to decide after four straight hours of heated argument that since the users knew what we meant, we would willfully refuse to standardize? There’s the Yahoo Style Guide, the Salesforce Style Guide… everyone’s got one, and most editors have a favorite. 
But this is the first time I’m aware of that someone specifically in the world of InfoSec has taken a stab at creating something like unification, by not only creating a guide, but actively promoting it, and soliciting input from across the industry. “I made this for myself because I needed it,” says Brianne. “And I was lucky enough to have the skills and the support. It’s a beautiful environment where Bishop Fox has been around 12 years, but allows for passion projects.” The second it downloaded, I sat down and read every word. You guys… this is superlative. Some highlights include: A technical formatting section simple enough to cover our needs, without going over the top to cover every possible contingency.   An appendix explaining how decisions were made. This is particularly glorious, because mostly, we’re winging it. The Wild West style of InfoSec netymology has meant that most of us within our silos make a choice, and call it done. There’s been very little in the way of guidance about how to make those decisions. I think that if we, as editorial professionals, can help each other make consistent choices, the entire field will mature more rapidly, and that is all to the good for improving consistency and transparency of dialog between professionals and their clients.   Another appendix for external resources. This is so beautifully thought-out, so comprehensive… I felt myself sighing in pure appreciation. I personally ha Yahoo
ZDNet.webp 2018-03-12 22:17:04 Yahoo users can sue over data breaches, judge rules (lien direct) Verizon, which now owns the web giant, sought to dismiss the case. General Information Yahoo
The_State_of_Security.webp 2018-03-09 14:27:04 Yahoo Agrees to $80 Million Settlement Over Data Breaches (lien direct) Yahoo has agreed to pay $80 million to settle a federal securities class action lawsuit following the massive data breaches that compromised the personal information of three billion users. The suit was filed by several shareholders in January 2017, alleging the web services provider intentionally misled them about its cybersecurity practices, in turn, causing the […]… Read More Yahoo
AlienVault.webp 2018-02-15 14:00:00 North Korean Cyber-Attacks and Collateral Damage (lien direct) WannaCry was incredibly destructive. The attackers made about $150,000 - but the total damage caused by WannaCry has been estimated in the billions of dollars. There is strong evidence linking WannaCry to a group of hackers known as ‘Lazarus’, reportedly operating out of the DPRK (North Korea). Whilst WannaCry is perhaps the most famous attack by Lazarus, it isn’t the only ‘collateral damage’ caused by the DPRK’s cyber actions. Below we disclose new details on three attacks that have spread out of control. Two likely originating from the DPRK - and one targeting the DPRK. The Voice of Korea and the Rivts Virus This section describes a piece of malware that may have been created within the DPRK as part of a test project - and accidentally leaked out onto the wider internet. A simple file-infector We triage many millions of malicious files automatically every day in an effort to ensure our customers are covered from new threats.  One malware family we regularly see, called Rivts by antivirus vendors, was originally created in 2009 but still continues to spread. Rivts is a file-infecting worm - it spreads across USB drives and hard drives attaching itself to files to spread further. The new files we see everyday are the result of new files being infected with the original worm from 2009 - not new developments by the attacker. Overall, it’s a fairly boring file infector (or “virus”). But there was one very strange thing that caught our eye. North Korean Software As part of its initial infection process, Rivts checks for the presence of system files normally found on Windows XP to infect first. 
But it seems to expect two pieces of uncommon software in the Windows System folder: Below are the details of these two files, nnr60.exe and hana80.exe: Whilst the DPRK is well known for developing its own Linux based operating system, and there is evidence of some DPRK hackers using NotPetya Wannacry Yahoo APT 38
Trend.webp 2018-02-13 13:01:02 Deciphering Confucius' Cyberespionage Operations (lien direct) In today's online chat and dating scene, romance scams are not uncommon, what with catfishers and West African cybercriminals potently toying with their victims' emotions to cash in on their bank accounts. It's quite odd (and probably underreported), however, to see it used as a vector for cyberespionage. We stumbled upon the Confucius hacking group while delving into Patchwork's cyberespionage operations, and found a number of similarities. Code in their custom malware bore similarities, for instance. And like Patchwork, Confucius targeted a particular set of individuals in South Asian countries, such as military personnel and businessmen, among others. Post from: Trendlabs Security Intelligence Blog - by Trend Micro Deciphering Confucius' Cyberespionage Operations Yahoo
AlienVault.webp 2018-02-08 14:00:00 How Dangerous are Impersonation Attacks? (lien direct) Amongst the types of cyber attacks happening, impersonation attacks are an interesting evolving category. Such attacks are generally targeted at corporate employees. The attack is executed by sending an email to the target in which the sender attempts to masquerade as a trusted source. This is done in order to gain access to target’s sensitive information, such as financial data. The U.S. Federal Bureau of Investigation (FBI) has warned businesses about this growing threat and has estimated that such attacks have caused losses of approximately $5.3 billion globally. A common example of impersonation attacks is Business Email Compromise (BEC) or "CEO fraud" that continues to manipulate companies by using false identities. This can severely damage a company’s reputation. This blog from last year explains BEC in detail. Why are Impersonation Attacks Hard to Detect? The major reason these attacks are difficult to be detected by users is ignorance and lack of attention to detail. Let’s understand this through an example: Below is the same email address written twice, how fast can you spot the one with some error? eeryaeel@reveantivirus.com eeryaeel@reventivirus.com It is hard to figure out the irregularity, especially when you have a hectic schedule at work and many distractions. How are Impersonation Attacks Constructed? Finding the Target With the help of social engineering techniques, attackers look for potential victims. Facebook, LinkedIn and Twitter profiles are easiest mediums for attackers to collect information about their target. Name, email address, school, job title, short bio, job duties, location, etc. can be easily fetched by attackers from target’s social media accounts. Social engineering, which requires very little technical skill, can typically get attackers an unbelievable amount of information about the victim, freely available online. 
Creating Credibility Now, as the attacker has a significant amount of the target’s information in hand, the next step is to build credibility. Again, social engineering is an effective way to set the stage for the attack. The attacker will try to figure out who to impersonate. It could be the victim’s boss, one of his colleagues or someone close to him. Close friends can be found on Facebook, and people tend to be very trusting if they think they are dealing with close friends. Through the company website and social media pages, the attacker can easily pick the person to impersonate. Executing the Attack The final and the most important step is to choose a type of attack. Below mentioned are top 3 tactics used by attackers: By Registering a Look-Alike Email Domain The attacker can register a similar email domain and create a new email ID using a similar name to the person being impersonated. The attacker sends an email message to the target asking them to respond urgently. For instance, impersonating the target’s boss, the attacker creates an email id Smith@reventivirus.com  and asks the victim to make urgent payment for an invoice attached with the message.   Editing the Display Name The majority of the mobile email clients only show the display n Yahoo
NextINpact.webp 2018-02-06 08:15:46 Curtain call for Yahoo Aviate on March 8, 2018 (lien direct) Four years after its launch, the launcher for Android will bow out for good on March 8, 2018. "You will no longer see new content in your feed and Aviate will no longer be supported or ...Read more Yahoo
itsecurityguru.webp 2018-01-26 11:39:14 The Democratic National Committee hired a Yahoo executive to beef up its cyber security (lien direct) The Democratic National Committee announced on Thursday the hiring of former Yahoo head of information security Bob Lord to serve as chief security officer in an effort to beef up its cyber security. View full story ORIGINAL SOURCE: Business Insider Yahoo
SecurityWeek.webp 2018-01-26 05:19:18 Former Yahoo CISO Bob Lord Joins DNC (lien direct) Former Yahoo chief information security officer Bob Lord has been appointed chief security officer at the Democratic National Committee (DNC), the formal governing body for the United States Democratic Party. Yahoo
Pirate.webp 2017-12-29 17:38:40 Sublist3r – Fast Python Subdomain Enumeration Tool (lien direct) Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. It also integrates with subbrute for subdomain brute-forcing with word lists. Features of Sublist3r Subdomain Enumeration Tool: It enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. The tool also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS. Requirements of Sublist3r Subdomain Search: It currently supports Python 2 and Python 3. Read the rest of Sublist3r – Fast Python Subdomain Enumeration Tool now! Only available at Darknet. Yahoo
Last update at: 2024-05-10 00:07:46