Issue 3

Yahoo Hack Leaves One Billion Accounts Compromised

Yes, one billion. In it's dive towards rock-bottom, Yahoo announced that separate from its previous breach of 500 million accounts, another breach occurred a year earlier compromising 1 billion accounts, making it the biggest known hack of user data ever. To add to the good news, all passwords were hashed with md5, making them trivial to decipher.

wired.com

 

Europol arrests 34 Teenagers for using DDoS Attack Tools

Europol is on a roll. Last week they announced the dismantling of the Avalanche botnet. Now they announced the arrest of 34 people and interviewing 101 suspects on charges of DDOS attacks. It might be a drop in the bucket, but they hope it will send a warning to other wannabe script kiddies.

thehackernews.com

 

Two separate security audits underway for OpenVPN.

After the successful audit of Veracrypt there is a new crowdfunding effort underway by OSTIF (Open Source Technology Improvement Fund) with the goal of performing a security audit on OpenVPN. At the same time PIA (Public Internet Access, a VPN provider, announced that they are hiring cryptographer Dr. Matthew Green to also perform an audit. The more the merrier.

helpnetsecurity.com

 

Ashley Madison Dating Site Agrees to Pay $1.6 Million Fine Over Massive Breach

After the notorious data breach of 35 million users, back in 2015, the company must now pay $1.6 million and agree to twenty years of FTC oversight of its network security. They were supposed to pay $17.5 million, but it seems this is the most they can afford.

thehackernews.com

 

323,000 pieces of malware detected daily

300.000+ malware files are added to Kaspersky's database daily. The total count of unique malware files now sits at a whopping 1 billion. Apparently they use a machine learning component called Astraea, which by itself detects and classifies about twenty percent of all new incoming malware events.

helpnetsecurity.com

 

Netgear router remote control bug – what you need to know

Recently a remote access exploit was discovered in the Netgear Nighthawk routers, which was serious enough to make multiple headlines. Right now Netgear is beta-testing a patch. If you have one of these routers, check out what you need to do.

sophos.com

 

Apple Fixes 97 Vulnerabilities Across macOS, iTunes, Safari, iCloud

Time to run them updates. Apple released a set of security patches for macOS Sierra, iOS, iCloud, iTunes and Safari.

threatpost.com

 

5-year-old Skype Backdoor Discovered — Mac OS X Users Urged to Update

Another update to run for us Mac users. A backdoor has been discovered in Skype that lets a malicious program read and listen to all Skype communication. Some say it's a deliberate backdoor, Microsoft says it isn't. Either way, the latest patch should fix it.

thehackernews.com

 

Ransomware offers free decryption if you infect two friends

I suppose this gives a whole new meaning to viral marketing. This type of ransomware will let you off the hook if two of your friends are infected through a referral link. They both have to pay to set you free.

theregister.co.uk

 

Data breaches in 2016

Quite a sobering list of all the big data breaches that happened in 2016. The year is not over yet, so it's still being "continuously updated" :-)

identityforce.com