News week time, and some great stuff as usual, well…great reading, not necessarily always great for all parties involved, but you catch my drift. Enjoy!
- So, our first story is pretty good…this, I can’t make this stuff up. So, Paul Combetta, the guy responsible for the deleted Clinton emails, looks to have solicited help from Reddit in order to do the task. A number of Reddit users made the connection between questions posted on Reddit by a user “stonetear” and Paul. Since the accusations were made, the messages have been deleted, but not before they were archived. This is amazing, if true. Here we have a computer specialist working for the potential president of the United States, and yet he is dumb enough to not use a throwaway account when asking how to essentially commit a crime. Fantastic.
- Read More @ http://www.usnews.com/news/articles/2016-09-19/paul-combetta-computer-specialist-who-deleted-hillary-clinton-emails-may-have-asked-reddit-for-tips
- Next, our usual story from Krebs, but this time he himself is the topic of conversation. It seems like someone out there really dislikes him and his website, as he has been hit by a DDoS attack that peaked at about 650Gbps. That is a record, and an absolutely staggering amount of traffic. The attacker is unknown at this time, but given that Krebs tends to be quite (un)popular with the cyber crooks crowd, it could be a long list of potential suspects.
- Read More @ http://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/
- Next, the biggest news of the week by far: Yahoo has confirmed news of a massive breach that resulted in the compromise of something around 500 million Yahoo accounts, making it by far the biggest breach on record. This was from the breach in 2014, but finally we have some more concrete information. Yahoo is claiming a state-sponsored actor is responsible for the breach. If you had a Yahoo account at that time, change your password ASAP.
- Read More @ https://nakedsecurity.sophos.com/2016/09/23/change-your-password-yahoo-confirms-data-breach-of-500-million-accounts/
- Next, some interesting news on the “NSA Breach” that resulted in a number of their tools and exploits going public. New information has surfaced that sheds some light on how the leak happened. Apparently these tools were mistakenly left on a remote server by a former agent after an operation, and were then found by “The Shadow Brokers”. The NSA was apparently aware of this, and yet chose to do nothing except wait to see if anyone would find the tools and put them to use.
- Read More @ http://thehackernews.com/2016/09/nsa-hacking-tool-exploits.html
- Lastly, a new report by Lloyd’s, a European-based cyber insurance provider, claims that over 90% of European firms were hit by a data breach in the past 5 years, and yet they did not seem too concerned with it happening again. Additionally, most did not seem aware of the changes in the European regulations either.
- Read More @ www.infosecurity-magazine.com/news/over-90-of-euro-firms-hit-by-data