Yahoo confirms hack, roughly 500 million email accounts breached

Date: Friday, September 23rd, 2016, 05:51
Category: Hack, Legal, News, security

In the annals of hacks and breaches, this is pretty epic.

Yahoo confirmed on Thursday that data “associated with at least 500 million user accounts” has been stolen in what may be one of the largest cybersecurity breaches ever.

The company said it believes a “state-sponsored actor” was behind the data breach, meaning an individual acting on behalf of a government. The breach is said to have occurred in late 2014.

“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” Yahoo said in a statement.

Apple releases Security Update 2016-001 for OS X Yosemite, El Capitan users

Date: Friday, September 2nd, 2016, 05:55
Category: News, security, Software

Because security updates are a good thing.

On Thursday, Apple released Security Update 2016-001 for users of OS X 10.10 Yosemite and OS X 10.11 El Capitan. The fix covers assorted zero-day exploits that could allow full access to a device and updates Safari to version 9.3.5 to patch security holes in the browser as well.

The exploits require the user to open a URL from an SMS message, which then executes remote binary files in the OS that dig into the kernel and allow unauthorized software to be installed—in iOS this effectively jailbreaks your device behind your back.

Dropbox pushed mandatory password changes for large swath of user base following hack of 68 million accounts

Date: Thursday, September 1st, 2016, 05:00
Category: News, security, Software

Well, there’s a pretty good reason Dropbox asked a large segment of its user base to change their passwords last week.

The password change, which focused on users who had signed up prior to mid-2012, followed the discovery of a large dump of email addresses and passwords related to these accounts.

The online storage company confirmed late Tuesday reports that 68 million user email addresses and hashed and salted passwords from an incident in 2012 had been compromised.

Transmission BitTorrent client found to be spreading OS X/Keydnap malware

Date: Wednesday, August 31st, 2016, 05:27
Category: macOS, News, security, Software

The malware beast raises its head once again.

Transmission, a popular BitTorrent client, has been discovered to once again be distributing Mac-based malware under version 2.92, months after it was used to spread a strain of ransomware.

Researchers at security firm ESET have been following a malware called OSX/Keydnap, which can steal passwords, and noticed that it was spreading through Transmission’s official site.

As of now, a version of Transmission containing the malware is in the wild according to ESET.

Dropbox resets passwords for users who haven’t logged in since mid-2012

Date: Monday, August 29th, 2016, 05:56
Category: Archive, security, Software

It’s a bit of a strong measure, but Dropbox decided to take it.

On Friday, Dropbox required users who hadn’t logged in since mid-2012 to change their account passwords. The company stated that this was a preventative measure and that this wasn’t an indication that accounts had been improperly accessed.

They concluded by apologizing for the inconvenience.