Items tagged with security

We've talked a lot about IoT devices here at HotHardware, but over the past year, it's become increasingly clear that we have to be careful with how we roll out new devices. Companies are leading us on to believe that in the future, the world will simply be blanketed with IoT devices everywhere. We see that as a potentially major security risk. Our simple IoT devices could become part of a DDoS network, and we'd not even know it. Bear in mind that it was a mammoth cluster of IoT devices that helped bring an unprecedented deluge of traffic towards Brian Krebs' website last month. And, as if we needed... Read more...
It's been a long time since I've read Dale Carnegie's "How to Win Friends and Influence People" but I'm pretty sure there isn't a chapter on holding people hostage. That's generally a bad idea, and so is Yahoo's decision to disable the forwarding feature for its email service, which effectively prevents Yahoo Mail users from hightailing it out of there with a note left behind for anyone that comes looking. As one Yahoo Mail user told the Associated Press, the timing here is "extremely suspicious." I don't disagree with that observation. Apparently Yahoo flipped the switch on its forward feature... Read more...
As if relations between US and Russia governments weren't sensitive enough, both the Department of Homeland Security and Office of the Director of National Intelligence have officially accused Russia of being responsible for breaking into official government servers and stealing more than 19,000 emails relating to the DNC this past summer. While some US government officials, including Hillary Clinton, have already made their own accusations towards the Kremlin, this is the first time the US government as a whole has directed blame specifically. It's unclear at this time whether or not this accusation... Read more...
"Yahoo" is a positive word, but in relation to the internet giant, it's starting to feel like it could describe some of the company's key management. Yahoo has been dealing with some troubling issues, but most of those issues were self-created, such as failing to disclose a security breach which took place years ago, and building a custom tool for the U.S. government - and the NSA in particular - to scan user emails. Now, it's being reported that Yahoo's tool is in effect a sophisticated "hacking tool", although it's supposedly not that much different from Yahoo's preexisting tools used to... Read more...
The battle between the FBI and locked phones is far from over. The FBI is currently trying to crack into another locked iPhone that once belonged to a now deceased terrorist. The iPhone in question belonged to Dahir Adan, who stabbed ten people in a Minnesota mall before a police officer shot and killed him. ISIS has claimed credit for the attack over social media. FBI special agent Rich Thorton recently stated, “Dahir Adan’s iPhone is locked. We are in the process of assessing our legal and technical options to gain access to this device and the data it may contain.” It is unclear what what model... Read more...
The security breach that rocked Yahoo two years ago could end up costing the company and its shareholders a lot of money—$1 billion, to be exact. That's the amount Verizon wants discounted from its pending acquisition of the search and media giant after agreeing to the buy Yahoo for $4.8 billion. The deal has yet to be finalized. Verizon's plan was to mesh Yahoo with AOL, the latter of it purchased a year ago for $4.4 billion. However, AOL CEO Tim Armstrong may be looking at ways to back out of the deal after it came to light that Yahoo failed to disclose the extent of its security breach in a... Read more...
Well, this isn't good. The source code for the botnet that took KrebsOnSecurity down by tapping into an unprecedented number of Internet of Things (IoT) devices has been released to the public. It's availability virtually ensures that distributed denial of service (DDoS) attacks equal in size or even larger will follow, creating financial headaches and service disruptions for companies both big and small. Brian Krebs, a renowned security expert and author of the aforementioned blog, recently found his website the target of one of the largest DDoS attacks in history. The massive attack brought in... Read more...
To call this a stressful time for Yahoo would be an understatement. As the company is in the process of being scooped up by Verizon, it's also dealing with the aftermath of what could become the largest security breach in all of history - at least in terms of users impacted. We reported last week that the company was slapped with a class action suit a mere day after it was discovered that upwards of 500 million user accounts were affected in a security breach. Today, an insider and former Yahoo exec claims that the real number could be double that - cue diabolical pinky finger to mouth: 1 billion (Or... Read more...
Security firm Cellebrite made headlines earlier this year when its services were employed by the FBI to help break into the phone of the San Bernardino shooter. Cellebrite recently invited a bunch of UK press to an event to show off what it's capable of.Equipped with an outdated smartphone, BBC reporter Rory Cellan-Jones went off for a half an hour, password-protected the device, and took pictures -- basically using the phone normally. You can see where this is going. Despite the password, Cellebrite plugged the phone into a bulky tablet, and after a few taps, the phone's security was disabled.... Read more...
The web is becoming the wild, wild west all over again it seems. You could argue the Internet's always been a potentially dangerous place, but with the proliferation of smart devices becoming increasingly commonplace, cybercriminals now have more points of entry into home networks than ever before. Smart home automation gadgets collectively comprise much of what's referred to as the Internet of Things (IoT), and just like your PC, they can be silently hijacked and enlisted into a botnet, a malicious network of systems under the control of a foreign party. Individually, all these smart lighting,... Read more...
The latest version of iOS brings a lot of interesting (and perhaps fun) things to the table, but as it turns out, It had one sloppy regression that was quickly pointed out. Apple shipped iOS 10 with a severe security vulnerability that affects iTunes backups. As we reported on Friday, Russian security research firm Elcomsoft revealed that gaining access to an iOS 10 backup password via iTunes, is "2,500 times faster" than before. While that speed boost is likely only going to be useful to those who have physical access to a device, it's an alarming statistic nonetheless. And if there's... Read more...
Yahoo is the latest major US corporation dealing with the fallout of a data breach that happened two years ago. Some might say that Yahoo's heartburn is well-deserved, though, as the company could have handled things better back in the day, which would have led to a better outcome right now. As we covered on Thursday, Yahoo suffered a major breach back in 2014 that resulted in some 500 million user accounts having their information compromised. However, it's only just recently that users have learned of this, so that's the first major criticism of Yahoo but it goes deeper. Yahoo has said that... Read more...
Today the bad guys have won. Not the war, mind you, but a skirmish with renowned security journalist Brian Krebs, author of The New York Times bestseller "Spam Nation," a former writer for the The Washington Post, and owner of KrebsOnSecurity, a popular security blog that's no longer live after cloud service provider Akamai gave Krebs just 2 hours to pack his things and leave. Of course, there's more to the story than that. Akamai isn't some evil company secretly working for the bad guys (we hope not, anyway). But it was providing free service to Krebs for his blog. You get what you pay for. In... Read more...
Yahoo is getting ready to disclose a data breach that exposed account details for at least 200 million users. While nothing is yet official on Yahoo's part, the forthcoming disclosure is likely related to a security breach earlier this summer that Yahoo previously said it was investigating. Since then, a cybercriminal who goes by the name "Peace" has been selling the data on the dark web for $1,800.Peace, who has been linked to other high profile security breaches, claims the data includes usernames, passwords that are easy to decrypt, and personally information such as birth dates, email addresses,... Read more...
Prev 1 2 3 4 5 Next ... Last