The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Friday Five: 9/23 Edition



It’s Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. Akamai kicked journalist Brian Krebs' site off its servers after he was hit by a 'record' cyberattack by Paul Szoldra

Well-known security researcher, Brian Krebs, was hit this week by a powerful DDoS attack, among the largest the Internet has ever seen. The attack was over 600 Gbps in size. With the goal of shutting down Krebs’ blog, it’s highly likely the attack was related to Krebs’ recent involvement in the arrest of the two Israelis allegedly running the DDoS-for-hire service, vDOS. Analysis of the attack indicates that the traffic was coming from multiple places rather than a specific global region or a small group of networks. This suggests that a botnet, hacking into a larger number of IoT devices, was involved. Just yesterday, KrebsOnSecurity was taken offline by Akamai, who was hosting the site pro bono. For more info, read the full article.

2. Yahoo faces questions after hack of half a billion accounts by Alex Hern

In early August, Motherboard reported that a hacker by the name of Peace was advertising the sale of 200 million Yahoo account credentials. However, Yahoo did not confirm the hack at that time. Now, the company, pending a merger with Verizon, admits to a breach that took place in 2014 and that half a billion account credentials have been stolen by state-sponsored hackers. Data breached includes names, email addresses, phone numbers, and security questions. A burning question in everyone’s mind is why Yahoo took so long to disclose the breach. At any rate, change your Yahoo password if you haven’t since 2014. Read more at The Guardian.

3. Which political party is more cybersecure? by Dan Patterson

TechRepublic spoke with DG’s Tim Bandos about cybersecurity in American politics. With the recent rise of political hacks, there are some very real fears as the election date approaches. Both parties have been hit. Bandos explains that parties are often targeted by phishing emails, which, if the victim is duped, gives hackers the opportunity to tap into other computers within the same network. To be best prepared, he recommends that parties invest in the appropriate technologies to better protect themselves and pay attention to how threats evolve. Hear more from Tim Bandos and read the full article on TechRepublic.

4. Hackers hit White House staffer’s Gmail account, raises security concerns by leaking sensitive emails by Graham Cluley

DC Leaks has once again compromised the email account of a political worker. Prior victims include Colin Powell. Ian Mellul, who works on Clinton’s campaign and has organized events for Michelle Obama and Joseph Biden, was hacked and emails containing sensitive information were leaked. Among these emails were photos of passports, including Michelle Obama’s, as well as PowerPoints outlining trips and the travel routes made by Biden. Get the rest at HotForSecurity.

5. Locky developers upgrade ransomware's ability to perform offline encryption by Bradley Barth

New analysis reveals that Locky has improved their offline encryption capabilities, which was first reported in July. The new code for Locky has eliminated some excess code, saving the developers money by also eliminating the need for more servers and domains. This enables the malware to operate more efficiently while escaping detection. Read the full article on SC Magazine.

Ellen Zhang

ANALYST REPORTS

Gartner 2017 Critical Capabilities for Enterprise Data Loss Prevention

Ellen Zhang

Ellen is the Acquisition Marketing Manager at Digital Guardian, with nearly half a decade of experience in the cybersecurity industry. As the company's SEO and PPC manager, Ellen has spent numerous hours researching information security topics and headlines.