Tag Archives: Yahoo

Who’s Behind the Yahoo Attack? It might be Russian Agents

We’re all familiar with the massive data leaks that Yahoo suffered last year. But until recently, we had very little in the way of clues as to who was behind the attacks which started at the beginning of 2014. As more evidence comes to light, it’s becoming increasingly apparent that this is not your run-of-the-mill cybercrime. According to a recent indictment by the US Department of Justice, the folks behind that attack appear to be agents of the Russian Federal Security Service.

The theft of 500 million Yahoo accounts three years ago was allegedly used as a way for the Russian government to access information on a series of targets ranging from the White House itself to cloud computing companies. Military officials, executives of financial companies, and even an airline company were also among the targeted.

In the name of espionage, this attack gave hackers the means of stealing data such as names, email addresses, and credentials. According to information provided by Yahoo in their announcement of the breach, the culprits would not have been able to access data of a more confidential nature, such as sensitive financial information.

In a somewhat ironic turn of events, the information provided by the Justice Department indictment appears to indicate that the stolen data was also used to spy on Russian government officials.

The Yahoo Attack: A Breach to Go Down in History

While this would not be the first time that Russian cybercriminals have been accused of data theft, it is in fact the first time that charges have been filed against officials operating in the shadow of Vladimir Putin. Although the agency is supposed to help agencies of other countries track down Russian cybercriminals, in this case two of its own operatives allegedly collaborated to conceal the robbery from their superiors.

“The involvement and direction of F.S.B. officers with law enforcement responsibilities makes this conduct that much more egregious,” said acting assistant US Attorney General Mary B. McCord.

Although the Russian administration has not given an official response to the US indictment, the country’s press has called into question the US Department of Justice’s movement.

In any case, and regardless of who is responsible for these or other breaches, massive data leaks at services such as Yahoo highlight the need to use secure credentials and a protection that is suited to the needs of your company to prevent the theft of confidential information, or even considerable sums of money, in the event of a cyberattack.

The post Who’s Behind the Yahoo Attack? It might be Russian Agents appeared first on Panda Security Mediacenter.

Goodbye! Yahoo to rename itself 'Altaba' after Verizon Deal

It’s time to say goodbye to Yahoo!

While Yahoo’s core internet business was being sold to Verizon for $4.8 Billion, the remaining portions of the company left behind is renaming itself to Altaba Inc, which marks the sad ending of one of the most familiar brand names on the internet.

In a public filing with the Securities and Exchange Commission (SEC) on Monday, the company announced that

Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft

yahoo-data-theft

In 2016, the theft of passwords from internet titans is no longer an exception. Just when it seemed like the year was winding down, having left us with the surprising news of what until yesterday was considered the highest magnitude cyberattack in history suffered by Yahoo and reported three months ago, this same company returns to headlines after announcing the theft of data from 1 billion accounts.

This comes on the tail of some revealing figures. For example, massive data breaches have, amazingly, affected 97% of the 1000 largest companies in the world.

After admitting last September that in 2014 they had suffered a large-scale theft that affected 500 million users, Yahoo revealed today that in 2013 it suffered what is now considered the worst incident of information piracy in history with the theft of 1 billion accounts.

There’s a strong resemblance between this attack and the ones we’ve been analyzing over the past months. These recent attacks showcase the way cybercriminals gain access to names, email addresses, phone numbers, dates of birth, passwords, and in some cases clients’ encrypted and unencrypted security questions. The dimensions of the incident are truly staggering.

Yahoo disclosed that “an unauthorized third party” accessed the data and that at this time the culprit remains unnamed.

Economic repercussions aside, these incidents also call into question the issue of deteriorating user confidence. For example, Verizon’s initiative to integrate Yahoo into the AOL platform will certainly come under scrutiny.

How Should You Keep Your Business Safe?

There’s a legitimate reason to fear for your business’s confidential information. An outsider capable of getting the key to your company’s data, as happened at Yahoo, is a latent risk. Prevention has become the greatest asset in combating Black Hats and avoiding some of the dire consequences of these attacks.

To that end, we encourage you to turn to the advanced cybersecurity solution best suited to your company’s needs. Our Adaptive Defense 360 can offer you:

visbilidad- adVisibility: Traceability and visibility of every action taken by running applications.

 

deteccion- adDetection: Constant monitoring of all running processes and real-time blocking of targeted and zero-day attacks, and other advanced threats designed to slip past traditional antivirus solutions.

 

respuesta- adResponse: Providing forensic information for in-depth analysis of every attempted attack as well as remediation tools.

 

prevencion- adPrevention: Preventing future attacks by blocking programs that do not behave as goodware and using advanced anti-exploit technologies.

 

This is the only advanced cybersecurity system that combines latest generation protection and the latest detection and remediation technology with the ability to classify 100% of running processes.

The post Don’t Let Yahoo Happen To You: How to Protect Your Business from Large-Scale Data Theft appeared first on Panda Security Mediacenter.