Top CyberSecurity News For October 14th 2016

1. Verizon signals Yahoo data breach may affect acquisitionFrom CSO Online. 

Verizon has signaled that Yahoo’s massive data breach may be enough reason to halt its US$4.8 billion deal to buy the internet company.

On Thursday, Verizon’s general counsel Craig Silliman said the company has a “reasonable basis” to believe that the breach involving 500 million Yahoo accounts has had a material impact on the acquisition. This could give the company room to back out or get a large discount.

Advertisements

Top CyberSecurity News For October 1st 2016

  1. Yahoo hack may become test case for SEC data breach disclosure rulesFrom Reuters. 

    Yahoo’s disclosure that hackers stole user data from at least 500 million accounts in 2014 has highlighted shortcomings in U.S. rules on when cyber attacks must be revealed and their enforcement.

    Democratic Senator Mark Warner this week asked the U.S. Securities and Exchange Commission to investigate whether Yahoo and its senior executives properly disclosed the attack, which Yahoo blamed on Sept. 22 on a “state-sponsored actor.”

    The Yahoo hack could become a test case of the SEC’s guidelines, said Jacob Olcott, former Senate Commerce Committee counsel who helped develop them, due to the size of the breach, intense public scrutiny and uncertainty over the timing of Yahoo’s discovery.

Top CyberSecurity News For 22nd September 2016

  1. Yahoo Confirms At Least 500 Million Accounts Were HackedFrom Fortune. 

    Yahoo said on Thursday that information for at least 500 million user accounts was stolen from its network in 2014 by what it believed was a state-sponsored actor, a theft that appeared to the biggest cyber breach ever.

    Yahoo said data stolen may have included names, email addresses, telephone numbers, dates of birth, and encrypted passwords but that unprotected passwords, payment card data, and bank account information did not appear to have been compromised, the company said.

    “This is the biggest data breach ever,” said well-known cryptologist Bruce Schneier.

Top CyberSecurity News For 31st May 2016

  1. 65 million Pre-Yahoo Acquisition Tumblr Accounts Were HackedFrom HackRead. Tumblr recently revealed that it discovered a breach in their systems which affected users accounts and their passwords. The company said that the hack had happened back in 2013, but they just recently discovered it. It also refused to give figures of how many of its users had been affected. However security researchers have done an independent analysis, and it appears the numbers actually stands at 68 million.

  2. How new cyber espionage group Danti is targeting govtFrom Financial Express. Cybersecurity is an area of great concern in business as well as government circles. Internet security experts have identified a major cyberespionage activity in India. Recently, IT security firm Kaspersky Lab made a startling revelation that a fairly new and previously unknown cyberespionage group, called Danti, may already have full access to internal networks in Indian government organisations.

Top CyberSecurity News For 6th May 2016

  1. A 10-year-old hacked Instagram so Facebook gave him $10,000. From Mashable. Before he even reached the age requirement to make a Facebook account, a 10-year-old found a major flaw in Instagram, earning him a cool $10,000 from Facebook. Jani (his parents withheld his last name), figured out a way to get into Instagram’s servers and delete text posted by Instagram users, Finnish news site Iltalehti reported.

  2. Big data breaches found at major email services – expertFrom Reuters.  Hundreds of millions of hacked user names and passwords for email accounts and other websites are being traded in Russia’s criminal underworld, a security expert told Reuters.The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru, Russia’s most popular email service, and smaller fractions of Google,  Yahoo and Microsoft email users, said Alex Holden, founder and chief information security officer of Hold Security.

  3. A four-step plan to prevent ransomware attacksFrom The Advisory Board.  Ransomware attacks encrypt your files and demand ransom for the decryption key. In some cases, hospitals have paid thousands of dollars to regain access to their data. To protect your data, Advisory Board experts recommend four common-sense steps.
  4. Critical flaws in ImageMagick library expose websites to hackingFrom CIO.com. A tool used by millions of websites to process images has several critical vulnerabilities that could allow attackers to compromise Web servers. To make things worse, there’s no official patch yet and exploits are already available. The vulnerabilities were discovered by Nikolay Ermishkin from the Mail.Ru security team and were reported to the ImageMagick developers who attempted a fix in version 6.9.3-9, released on April 30. However, the fix is incomplete and the vulnerabilities can still be exploited.
  5. Introduction to Digital CertificatesFrom Comodo. Digital Certificates are a means by which consumers and businesses can utilise the security applications of Public Key Infrastructure (PKI). PKI comprises of the technology to enables secure e-commerce and Internet based communication. The number of people and businesses online is continuing to increase. As access becomes faster and cheaper such people will spend even more time connected to the Internet for personal communication and business transactions. The Internet is an open communications network that was not originally designed with security in mind. Criminals have found they can exploit its vulnerabilities for fraudulent gain. If the Internet is to succeed as a business and communications tool users must be able to communicate securely