Justice Department files charges against Russian hackers following Yahoo email breaches

Posted by:
Date: Thursday, March 16th, 2017, 05:56
Category: Hack, News, security

They found the people who hacked into more than half a billion Yahoo email accounts.

The Justice Department announced charges Wednesday against two Russian spies and two hackers behind the infamous 2014 hacks, which have been identified as among the most significant digital security breaks in American history.

The four men together face 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets and aggravated identity theft, the Justice Department said in a news release.

(more…)

WikiLeaks to share CIA hacking tools with Apple, other firms after security fixes are complete

Posted by:
Date: Friday, March 10th, 2017, 05:36
Category: Hack, iOS, News, privacy, security, Software

Following WikiLeaks’ release of more than 8,000 documents from inside the CIA’s Center for Cyber Intelligence, Apple followed up, saying it had already fixed most of the exploits the agency had found to hack into iPhones.

WikiLeaks founder Julian Assange said Thursday he will share the code, which was withheld from the published documents, with tech companies like Apple.

Per Assange:

“We have decided to work with [tech companies] to give them exclusive access to the additional technological details we have so that fixes can be developed and pushed out,” Assange said in a live-streamed press conference from the Ecuadorian Embassy in London, where he lives. “Once this material is effectively disarmed by us we will publish additional details.”

(more…)

Apple responds to WikiLeaks’ release of CIA-based documents, states that ‘many’ of the iOS-related exploits have already been patched

Posted by:
Date: Wednesday, March 8th, 2017, 05:47
Category: Hack, iOS, News, privacy, security, Software

With any luck, this’ll provide some consolation.

Following up on the revelation that WikiLeaks had intercepted and released what might amount to 8,700+ documents from the CIA’s Center for Cyber Intelligence unit – part of which is devoted to obtaining zero-day exploits for iOS devices – and that the CIA had lost control of the majority of its hacking arsenal, Apple went on record to state that “many of the issues leaked today were already patched” in the most recent version of iOS.

The company offered the following comment:

(more…)

WikiLeaks releases 8,700+ CIA-related documents, show agency efforts towards hacking Android systems, iPhones, operating systems and smart TVs

Posted by:
Date: Wednesday, March 8th, 2017, 05:43
Category: Android, Google, Hack, Hardware, iOS, iPhone, macOS, News, privacy, Samsung, security

This is pretty much one for the ages.

WikiLeaks has released more than 8,700 documents that have apparently originated from the CIA’s Center for Cyber Intelligence, with some of the leaks saying the agency had 24 “weaponized” and previously undisclosed exploits for the Android operating system as of 2016.

Some of the Android-specific exploits were developed by the CIA, while others hailed from the U.S. National Security Agency, U.K. intelligence agency GCHQ, and cyber arms dealers.

Among the smartphone-related tools developed by the CIA were assets that allow the agency to bypass encryption found in WhatsApp, Confide and other applications known to use encryption. These tools, according to WikiLeaks analysis, capture audio and message traffic before encryption has a chance to be applied.

(more…)

Yahoo discloses third data breach in six months

Posted by:
Date: Thursday, March 2nd, 2017, 05:39
Category: Hack, News, security

The hits just keep on coming.

Yahoo today revealed a third major hack, wherein some 32 million accounts have been accessed by intruders over the past two years. These accounts are in addition to the accounts affected by the two data breaches the company had previously disclosed.

The accounts were apparently compromised via forged cookie files. Yahoo has stated that the accounts were accessed by the “same state-sponsored actor beloved to be responsible for the 2014 hack.” The 2014 hack was the one that affected at least 500 million accounts.

(more…)

Verizon settles on $4.48 billion purchase price for Yahoo’s core assets following email hacks

Posted by:
Date: Wednesday, February 22nd, 2017, 05:01
Category: Finance, Hack, Legal, News, wireless

Verizon was able to save even more money following Yahoo’s email hacks.

The telecommunications company announced a deal to buy the core business of Yahoo for $4.48 billion —managing to secure a $350 million discount it was pursuing because of two major security breaches, the last of which affected over 1 billion accounts.

The deal states that both Yahoo and Verizon will share some liabilities following the 2013 and 2014 hacks. The companies will split cash liabilities linked to some lawsuits and government investigations, but Yahoo alone will be saddled with some liabilities from shareholder lawsuits and U.S. Securities and Exchange Commission investigations.

(more…)

Security researchers at Bitdefender find evidence of X-Agent malware variant for macOS

Posted by:
Date: Thursday, February 16th, 2017, 05:13
Category: Hack, News, security, Software

The malware that may have swung the U.S. presidential election could be on its way to a Mac near you.

Security researchers have discovered a macOS malware program that’s likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year.

The group, known under such names as “Fancy Bear”, “Pawn Storm” and “APT28”, has been active for almost a decade and is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent.

X-Agent variants for Windows, Linux, Android, and iOS have been found in the wild in the past, but researchers from Bitdefender have now come across what appears to be the first macOS version of the Trojan.

(more…)

Yahoo sale price discounted by $250 million in wake of hacks

Posted by:
Date: Thursday, February 16th, 2017, 05:23
Category: Finance, Hack, News

You pay less if the item you’re buying has a couple of dings on it.

Verizon is apparently close to purchasing Yahoo’s Internet properties for roughly $4.8 billion, a price that includes a $250 million discount after the revelation of security breaches at the web company.

Sources close to the store cited the discounted price as well as Yahoo’s possibly being renamed “Altaba Inc.”. An announcement of the new agreement could come in a matter of days or weeks, said the sources. The revised agreement isn’t final and could still change.

Yahoo said in December that cyberthieves in 2013 siphoned information including users’ e-mail addresses, scrambled account passwords and dates of birth. The stolen data may allow criminals to go after more sensitive personal information elsewhere online. The announcement followed news in September of a 2014 breach that affected at least 500 million customer accounts.

(more…)

Apple’s Activation Lock website could have played role in hack, thereby leading to its sudden closure

Posted by:
Date: Tuesday, January 31st, 2017, 05:44
Category: Hack, iOS, iPad, iPhone, iPod Touch, News, security, Software

Apple’s Activation Lock web site may have been involved in a hack, thus explaining its sudden removal and elimination.

As it turns out, the Activation Lock website was a vital part of a bypass hack used to unlock devices bricked by Activation Lock, perhaps hinting at why Apple shelved it.

The hack centered around the perpetrators changing one or two characters of an invalid serial number, thereby generating a valid serial number for an iOS device. The valid number could then be used to gain full access to the iPhone, iPad or iPod touch.

(more…)

Yahoo discloses details of August 2013 hack, says more than one billion accounts compromised in effort

Posted by:
Date: Thursday, December 15th, 2016, 05:32
Category: Hack, Hacks, News, security

yahoomail

It doesn’t look good when half a billion of your company’s email accounts are hacked.

And it looks a bit worse when a cool billion of them in total were hacked.

Yahoo on Wednesday announced that it believes more than one billion Yahoo user accounts were compromised in a hack by an unauthorized third party in August of 2013.

The company disclosed that information stolen from affected accounts includes names, email addresses, telephone numbers, birth dates, hashed passwords, and both encrypted and unencrypted security questions and answers. Clear text passwords, bank account information, and credit/debit card information were not believed to be accessed in the attack.

(more…)