A report foreseeing homegrown hacktivists showing their displeasure with President-elect Donald Trump by launching cyberattacks against U.S. government sites leads the latest edition of the ISMG Security Report. Also, the details behind the 1 billion-record hack of Yahoo.
Yahoo has the dubious distinction of having not just one but two record-shattering historical breaches come to light this year. The latest breach to be revealed, which dates back to 2013, involved the potential compromise of 1 billion accounts.
Yahoo in 2014 spotted that an attacker - later revealed to have compromised 500 million accounts - was inside its network, according to a new SEC filing. With Yahoo's $4.8 billion sale to Verizon still pending, the admission adds to the search giant's complications.
Did security vendor Cylance lean too heavily on decade-old research into weaknesses in a still-used electronic voting machine in order to get pre-election day headlines? A company spokesperson says no.
"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
Asked to explain the compromise of 500 million of its users' accounts, Yahoo appears to be trying to blame Russia. Of course, that would be an easy face-saving exercise for a publicly traded firm currently negotiating its $4.8 billion sale to Verizon.
The handling of a recent data breach - the details of which are still unfolding - by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck.
Hutton Hotel says it failed to spot that its point-of-sale systems were compromised by malware for over three years. Separately, Noble House is now warning that its breach investigation uncovered 10 malware-infected hotels or restaurants.
Dear customer: "The security and privacy of your systems are our priority." Cue a new breach notification, this time from Lightspeed POS, which sells a cloud-based point-of-sale product used by 38,000 organizations.
To the annals of super-bad historical mega breaches that no one knew about, add two new entries: Dropbox and Last.fm. Hackers reportedly stole tens of millions of usernames and passwords from each in 2012.
Two hotel chains - Millennium and Noble House - are warning that they've suffered point-of-sale malware infections that compromised customers' payment card data. Both say they were alerted to related card fraud by the U.S. Secret Service. Could the breaches be tied to the Oracle MICROS breach?
Epic Games is warning of another data breach - its second in 13 months - involving several of its forums and affecting about 808,000 accounts. Attackers appear to have exploited a SQL vulnerability in Epic's vBulletin forum software.
Retailer Eddie Bauer is warning customers that their payment card data may have been compromised by point-of-sale malware during a six-month attack. The warning follows HEI Hotels & Resorts disclosing a 15-month malware attack affecting 20 locations.