Computer Security No 44: How Yahoo's latest "forged cookie" hack can affect you
Corporate - Private Computer Security
How Yahoo's latest "forged cookie" hack can affect you
Yahoo suffered its third hacking incident since 2013 when it realised cyber attackers had created "forged cookies" that can access user accounts without their login information. Yahoo told the Guardian that the forged cookies have been "invalidated" and cannot be used again, but the potentially malicious activity could still have implications for already-affected users.
Affected users are at risk of financial or identity fraud. Credit card information and personal details could be accessible through breached accounts.
If your Yahoo account was compromised, you probably received an email from Bob Lord, Yahoo's chief information security officer, warning of the data security issue.
Perhaps consider closing your account if you still have one...
Not that it would help or have any benefit to the users affected, but the CEO lost her $12m cookie in bonuses and shares for 2017.
To read more: time.com
The danger of the Unsubscribe button
If you receive emails or newsletters from companies that you've never heard of, or that promote products and services that are completely foreign to you and you wish to unsubscribe, be cautious when you click on the Unsubscribe button, as it may be a trick (it could trigger a malicious download or take you to a site you did not wish to visit).
CIA malware targets iPhone, Android, smart TVs
Since 2001, the CIA (US Central Intelligence Agency) increased its power and cyber capability in parallel with the NSA (US National Security Agency).
On 7 March 2017, Wikileaks commenced Vault7, a series of articles about the CIA and an analysis of the 8,761 documents and files that were taken from the CIA's high-security network in Langley, Virginia.
Through this leak, the CIA lost control of the majority of its hacking arsenal, including malware, viruses, trojans and weaponised "zero day" exploits (an undisclosed computer-software vulnerability that hackers can exploit).
The analysis names the attack against Samsung smart TVs, infections of modern cars and trucks dating back to 2014 (which could permit undetectable assassinations), attacks developed for remotely hacking and controlling smart phones, etc.
Their capabilities of hacking extend to Microsoft Windows users, Solaris, Linux platforms and more.
The devices we use can become passive listeners and recorders of our conversations. Nothing is safe in the electronic world.
The grim article: https://wikileaks.org/ciav7p1/
Cyber Security & Privacy suite for Directors and Executives
On 13 Feb 2017, legislation passed through the Australian Parliament which will establish a Mandatory Data Breach Notification scheme. This gives Australian companies one year to get ready and ensure that a cyber strategy, processes and tactical plans are in place.
Recent lawsuits against directors worldwide, claiming negligence, lack of due diligence and/or duty of care (Worldwide Corporation, Target US, etc) highlight the need for directors to take immediate action.
The fact that 60% of organisations go out of business within 6 months of an attack and that the average cost for a breach is $4m illustrates the significance of this threat.
Are you prepared to discuss cyber at Board level? Are you aware of your obligations and defence as a director or officer of the company? Have you taken the necessary steps to mitigate the consequences of a cyber attack?
ABG offers the Cyber suite of course modules:
- Cyber threats and defences Module - Tactical plans
- Directors and Officers Module - Strategy
- Risk Management Workshop for Cyber
- Cyber Crisis simulation
Send your enquiries to email@example.com
1) Records for sale
A hacker calling himself SunTsu583 is selling over 1 Million decrypted Gmail or Yahoo passwords on the dark web.
2) Records leaked
A database of 1.4 Billion email addresses, combined with real names, IP addresses and often physical addresses, has been leaked. It was discovered by a team of investigators from MacKeeper.com.
The team discovered the files, which turned out to be the leaked operation of RCM (River City Media), led by two known spammers, masquerading as a legitimate marketing firm. They were making $36k/day by sending 150 million messages to Yahoo users per day and over 1 billion messages to Gmail users per day.
3) Recommended measures:
- Change all your passwords to long, 16-character, sentence-style passwords (with capital letters, numbers and other characters)
- Use two-factor authentication (e.g. where you get an SMS if someone is trying to log on from a different machine or trying to change the password)
- Consider using a reputable password manager (We'll be looking at password managers in detail in our next newsletter)
Memories of jokes
Have a nice and cyber-safe weekend! And a late "Happy Women's 108 day!" for yesterday.
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au