The Most Comprehensive Data Protection Solution
Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.
First and Only Solution to Converge:
- Data Loss Prevention
- Endpoint Detection and Response
- User and Entity Behavior Analytics
1. Akamai kicked journalist Brian Krebs' site off its servers after he was hit by a 'record' cyberattack by Paul Szoldra
Well-known security researcher, Brian Krebs, was hit this week by a powerful DDoS attack, among the largest the Internet has ever seen. The attack was over 600 Gbps in size. With the goal of shutting down Krebs’ blog, it’s highly likely the attack was related to Krebs’ recent involvement in the arrest of the two Israelis allegedly running the DDoS-for-hire service, vDOS. Analysis of the attack indicates that the traffic was coming from multiple places rather than a specific global region or a small group of networks. This suggests that a botnet, hacking into a larger number of IoT devices, was involved. Just yesterday, KrebsOnSecurity was taken offline by Akamai, who was hosting the site pro bono. For more info, read the full article.
In early August, Motherboard reported that a hacker by the name of Peace was advertising the sale of 200 million Yahoo account credentials. However, Yahoo did not confirm the hack at that time. Now, the company, pending a merger with Verizon, admits to a breach that took place in 2014 and that half a billion account credentials have been stolen by state-sponsored hackers. Data breached includes names, email addresses, phone numbers, and security questions. A burning question in everyone’s mind is why Yahoo took so long to disclose the breach. At any rate, change your Yahoo password if you haven’t since 2014. Read more at The Guardian.
TechRepublic spoke with DG’s Tim Bandos about cybersecurity in American politics. With the recent rise of political hacks, there are some very real fears as the election date approaches. Both parties have been hit. Bandos explains that parties are often targeted by phishing emails, which, if the victim is duped, gives hackers the opportunity to tap into other computers within the same network. To be best prepared, he recommends that parties invest in the appropriate technologies to better protect themselves and pay attention to how threats evolve. Hear more from Tim Bandos and read the full article on TechRepublic.
4. Hackers hit White House staffer’s Gmail account, raises security concerns by leaking sensitive emails by Graham Cluley
DC Leaks has once again compromised the email account of a political worker. Prior victims include Colin Powell. Ian Mellul, who works on Clinton’s campaign and has organized events for Michelle Obama and Joseph Biden, was hacked and emails containing sensitive information were leaked. Among these emails were photos of passports, including Michelle Obama’s, as well as PowerPoints outlining trips and the travel routes made by Biden. Get the rest at HotForSecurity.
New analysis reveals that Locky has improved their offline encryption capabilities, which was first reported in July. The new code for Locky has eliminated some excess code, saving the developers money by also eliminating the need for more servers and domains. This enables the malware to operate more efficiently while escaping detection. Read the full article on SC Magazine.