Data Breach

Data Breach news, analysis, research, how-to, opinion, and video.

2 ransomware
01 plan

170315 fbi 2

Inside the Russian hack of Yahoo: How they did it

One mistaken click. That's all it took for hackers aligned with the Russian state security service to gain access to Yahoo's network and potentially the email messages and private information of as many as 500 million people.

Russia

US faces limits in busting Russian agents over Yahoo breach

In a rare move, the U.S. has indicted two Russian government agents for their suspected involvement in a massive Yahoo data breach. But what now?

magnifying glass contract

Want good cyber insurance? Read the fine print

Given the explosive growth of online threats, cyber insurance is becoming mandatory for most organizations. But the field is still new enough that buying an effective policy takes a lot of due diligence and attention to the fine print....

video

Inside the Russian hack of Yahoo: How they did it

The U.S. Federal Bureau of Investigation has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday, the FBI indicted four people for the attack, two...

fbi yahoo russia hack

Four charged, including Russian gov't agents, for massive Yahoo hack

The U.S. Federal Bureau of Investigation has charged four people, including two Russian state intelligence agents, for their involvement in a massive hack of Yahoo that affected half a billion accounts.

twitter counter hacked

Twitter accounts hacked, Twitter Counter steps forward as culprit

Twitter Counter, a third-party analytics service, appears once again to have provided a gateway for hackers to post messages to high-profile Twitter accounts.

whatsapp

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

handcuff arrest

Hire a DDoS service to take down your enemies

With the rampant availability of IoT devices, cybercriminals offer denial of service attacks to take advantage of password problems.

marissa mayer president ceo yahoo

Yahoo and 'the failure to comprehend'

One of the biggest challenges facing the C-suite and boards is the failure to comprehend the universality of cyber security threats.

Spam examples

SpammerGate: The takeaway lessons and follow-ups on the River City Media data breach

Earlier this week, Salted Hash reported on the River City Media data breach, which exposed their operations fully. Today's follow-up examines some lessons learned, and few of the tools used by the company during their spamming...

screen shot 2017 02 27 at 4.33.35 pm

US senator probes into CloudPets smart toy hack

A U.S. senator is probing reports of a breach of data from smart toys from Spiral Toys, writing to the company’s CEO a letter with ten questions about the issue, including about the company’s security practices.

bullseye hospital healhcare

Ransomware picks off broader targets with greater severity

How to protect more critical organizations from evolving ransomware.

smashed mailbox

Spammers expose their entire operation through bad backups

In January, MacKeeper researcher Chris Vickery contacted Salted Hash with an interesting discovery, and with the help of Spamhaus, we were able to fully make sense of the data. What follows is an inside look at a well-known, but...

man person building front columns

Security experts talk insider threats

So much of the noise today seems to still focus on the adversary/hacker breaking the perimeter and accessing a network. While a huge problem, I wanted to shed more light on the insider threat problem and better understand some...

slack bug

Slack bug paved the way for a hack that can steal user access

One bug in Slack, the popular work chat application, was enough for a security researcher to design a hack that could trick its users into handing over access.

shopping cart outdoors commerce

Network security demands better procurement processes

The federal government is spending millions of dollars to deal with the aftermath of cyber breaches but why aren't we putting more resources and money into preventing them in the first place?

yahoo mail

Yahoo execs botched its response to 2014 breach, investigation finds

The internet pioneer, which reported a massive data breach involving 500 million user accounts in Sept., actually knew an intrusion had occurred back in 2014, but allegedly botched a proper response.

01 respond attack

How to respond to a cyber attack

Following a breach, organizations should focus on mitigating damage and data loss and providing information to law enforcement. Partner at Ballard Spahr, LLP and former Assistant U.S. Attorney Ed McAndrew and Guidance Software...

Load More