Yahoo breach means hackers had three years to abuse user accounts

Security researchers are disturbed it took Yahoo three years to discover that details of over 1 billion user accounts had been stolen back in 2013.It means that someone -- possibly a state-sponsored actor -- had access to one of the largest email user bases in the world, without anyone knowing. The stolen database may have even included information on email ids of U.S. government and military employees.“It is extremely alarming that Yahoo didn’t know about this,” said Alex Holden, chief information security officer with Hold Security.Yahoo said back in November it first learned about the breach when law enforcement began sharing with the company stolen data  that had been provided by a hacker. At the time, the company was already dealing with a separate data breach, reported in September, involving 500 million user accounts.To read this article in full or to leave a comment, please click here

Yahoo breach means hackers had three years to abuse user accounts

Security researchers are disturbed it took Yahoo three years to discover that details of over 1 billion user accounts had been stolen back in 2013.It means that someone -- possibly a state-sponsored actor -- had access to one of the largest email user bases in the world, without anyone knowing. The stolen database may have even included information on email ids of U.S. government and military employees.“It is extremely alarming that Yahoo didn’t know about this,” said Alex Holden, chief information security officer with Hold Security.Yahoo said back in November it first learned about the breach when law enforcement began sharing with the company stolen data  that had been provided by a hacker. At the time, the company was already dealing with a separate data breach, reported in September, involving 500 million user accounts.To read this article in full or to leave a comment, please click here

17% off Wonder Workshop Dash Robot – Deal Alert

Dash is a real robot that makes learning to code fun for kids. Responding to voice, navigating objects, dancing, and singing, Dash is the robot you always dreamed of having. Use the free iOS, Android and Kindle Fire apps to create new behaviors for Dash – doing more with robotics than ever possible. Dash presents your kids with hundreds of projects, challenges, and puzzles as well as endless possibilities for freeform play. Dash Robot averages 4 out of 5 stars from over 150 customers on Amazon (read reviews), where its typical list price of $150 has been reduced 17% to $125. See it on Amazon.To read this article in full or to leave a comment, please click here

Here’s some questions Congress should ask about the election-related hacks

Members of congress are demanding answers over claims that Russia attempted to influence the U.S. presidential election with several high-profile hacks. U.S. intelligence agencies are confident that the Kremlin was involved, but incoming president Donald Trump remains skeptical.  As they prepare to investigate, here’s some questions lawmakers should be asking to help them understand and respond to these hacks.  What evidence do we have proving Russia’s involvement? Attribution in any hack can be incredibly difficult, as Trump noted in a tweet, but cybersecurity experts say they have technical evidence showing that Democratic groups and figures were at the very least hacked with spear phishing emails and hard-to-detect malware from two suspected Russian hacking teams.To read this article in full or to leave a comment, please click here

Here’s some questions Congress should ask about the election-related hacks

Members of congress are demanding answers over claims that Russia attempted to influence the U.S. presidential election with several high-profile hacks. U.S. intelligence agencies are confident that the Kremlin was involved, but incoming president Donald Trump remains skeptical.  As they prepare to investigate, here’s some questions lawmakers should be asking to help them understand and respond to these hacks.  What evidence do we have proving Russia’s involvement? Attribution in any hack can be incredibly difficult, as Trump noted in a tweet, but cybersecurity experts say they have technical evidence showing that Democratic groups and figures were at the very least hacked with spear phishing emails and hard-to-detect malware from two suspected Russian hacking teams.To read this article in full or to leave a comment, please click here

Trump To Silicon Valley Elite: I’m Here To Help You Do Well

Cisco's Chuck Robbins, Amazon's Jeff Bezos, Google's Sheryl Sandberg and Intel's CEO Brian Krzanich were among the leaders in the room.

Yahoo Finds an Even Bigger Breach Affecting 1 Billion Accounts

Those who target Yahoo think big, apparently.

Yahoo reports massive data breach involving 1 billion accounts

In what is likely the largest data breach ever, Yahoo is reporting that data associated with more than 1 billion user accounts was stolen in August 2013.The incident is separate from a breach Yahoo reported in September involving at least 500 million users that originally occurred in late 2014 and shook public trust in the company.Stolen user data from this new breach involves names, email addresses, telephone numbers, dates of birth, and hashed passwords using an aging algorithm known as MD5 that can be cracked.To read this article in full or to leave a comment, please click here

Yahoo reports massive data breach involving 1 billion accounts

In what is likely the largest data breach ever, Yahoo is reporting that data associated with more than 1 billion user accounts was stolen in August 2013.The incident is separate from a breach Yahoo reported in September involving at least 500 million users that originally occurred in late 2014 and shook public trust in the company.Stolen user data from this new breach involves names, email addresses, telephone numbers, dates of birth, and hashed passwords using an aging algorithm known as MD5 that can be cracked.To read this article in full or to leave a comment, please click here

Docker Spins Off ‘Containerd,’ Its Core Container Runtime

Don't like Swarm? Now you can un-bundle it.

Trump to tech CEOs: We’re there for you

President-elect Donald Trump kicked off a meeting with U.S. tech leaders on Wednesday by promising his administration was there to help them do business and make money."We want you to keep going with the incredible innovation," Trump said. "There’s nobody like you in the world, in the world, there’s nobody like anyone in this room. And anything we can do to help this go along, and we’re going to be there for you."Among the issues the tech CEOs might discuss with Trump is his proposed curbs to immigration. Silicon Valley relies on bringing in large numbers of immigrants every year or keeping them in the U.S. after college. Making immigration more difficult or restricting the number of H-1B high-skill visas available could cause tech companies problems.To read this article in full or to leave a comment, please click here

51% off Apple MK0X2AM/A USB-C to Lightning Cable – Deal Alert

This USB-C cable connects your iPhone, iPad, or iPod with Lightning connector to your computer's USB-C port for syncing and charging.(amazon.com)To read this article in full or to leave a comment, please click here

Microsoft sets Windows 10 PC requirements for tethered VR headsets

Microsoft's sending a strong message: You don't need high-end hardware to plug most VR headsets into PCs.The company has established an amazingly modest set of minimum hardware requirements for upcoming VR headsets to be used with PCs. Microsoft believes mixed reality is the future of computing and wants to bring VR as many PCs as possible.The requirements for Windows 10 PCs for tethered VR headsets do not apply to fully integrated headset computers like Microsoft's HoloLens. Companies like Dell, HP, Acer, Asus, and Lenovo plan to come out with headset accessories for PCs, and Microsoft has said prices for those VR headsets would start at US$299.To read this article in full or to leave a comment, please click here

Bye, privacy: Evernote will let its employees read your notes

Evernote is changing its privacy policy to let employees read its customers' notes, and they can't opt out. Users have until Jan. 23 to move their notes out of the company's system and delete their accounts if they want to avoid the sanctioned snooping. Companies using Evernote Business can have their administrators opt out, but users won't have individual control over it.The change a push by the company to enhance its machine learning capabilities by letting a select number of employees view the private information of its users to help with the training of algorithms."While our computer systems do a pretty good job, sometimes a limited amount of human review is simply unavoidable in order to make sure everything is working exactly as it should," the company said in a support bulletin.To read this article in full or to leave a comment, please click here

Bye, privacy: Evernote will let its employees read your notes

Evernote is changing its privacy policy to let employees read its customers' notes, and they can't opt out. Users have until Jan. 23 to move their notes out of the company's system and delete their accounts if they want to avoid the sanctioned snooping. Companies using Evernote Business can have their administrators opt out, but users won't have individual control over it.The change a push by the company to enhance its machine learning capabilities by letting a select number of employees view the private information of its users to help with the training of algorithms."While our computer systems do a pretty good job, sometimes a limited amount of human review is simply unavoidable in order to make sure everything is working exactly as it should," the company said in a support bulletin.To read this article in full or to leave a comment, please click here

IDG Contributor Network: UC Irvine creates model for digital innovation in the enterprise

In his 2011 book, The Innovator’s Dilemma, Clayton Christensen examined why large organizations often fail to innovate and leave themselves open to disruption from faster, more nimble competitors. And this was before the current generation of technology companies unleashed their onslaught of disruptive technologies.It’s fair to say that in the six years since the book’s release, the stakes have grown exponentially greater. Yet for many enterprise organizations, the struggle to create a truly innovative culture continues. The vast majority of corporate executives fully expect new tech startups to disrupt their organizations, yet still have trouble overcoming the ‘innovator’s dilemma.’To read this article in full or to leave a comment, please click here

Jury Says Arista Owes $0 to Cisco in Copyright Case

Arista did violate Cisco's copyright, but Cisco gets no money damages.

IDG Contributor Network: 5 cybersecurity trends to watch for 2017

As 2016 draws to a close, we can reflect on a year where cybersecurity has played a major role. Even presidential campaigns haven’t been free from hacking scandals and data leaks. The average cost of a data breach for companies grew from $3.8 million last year to $4 million in 2016, according to the Ponemon Institute.Companies of all sizes have embraced the cloud and open source has become the standard for infrastructure software. Both pose their own blend of benefit and risk. A major datacenter attack or failure could be problematic for many companies, and we can certainly expect an increase in the number of cyber-attacks based on open source vulnerabilities.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 5 cybersecurity trends to watch for 2017

As 2016 draws to a close, we can reflect on a year where cybersecurity has played a major role. Even presidential campaigns haven’t been free from hacking scandals and data leaks. The average cost of a data breach for companies grew from $3.8 million last year to $4 million in 2016, according to the Ponemon Institute.Companies of all sizes have embraced the cloud and open source has become the standard for infrastructure software. Both pose their own blend of benefit and risk. A major datacenter attack or failure could be problematic for many companies, and we can certainly expect an increase in the number of cyber-attacks based on open source vulnerabilities.To read this article in full or to leave a comment, please click here

Worth Reading: The private path to censorship

Governments have a legitimate objective in preventing the commission of terrorist acts, but security concerns can also motivate policies that jeopardize fundamental rights. Yesterday’s announcement comes after several years of demands from governments in the EU, the US, and around the world for these companies to do more to stop the spread of messages from terrorist organizations that seek to recruit individuals and inspire violent acts. Under this intense pressure, these companies have started a dangerous slide down the slippery slope to centralized censorship of speech online. —Center for Democracy and Technology

The post Worth Reading: The private path to censorship appeared first on 'net work.