Yahoo issues new warning of potentially malicious activity on accounts

2May - by Pax_tan - 0 - In News

Yahoo is warning users of potentially malicious activity on their accounts between 2015 and 2016, the latest in a string of cybersecurity problems faced by the technology company.

Hacker Activated All Dallas Emergency Sirens Last weekend when outdoor emergency sirens in Dallas cried loudly for over 90 minutes, many researchers concluded that some hackers hijacked the alarm system by exploiting an issue in a vulnerable computer network.According to a statement issued on Monday, Dallas City Manager...

The measure comes two months after the company revealed that data from more than 1bn user accounts had been compromised in August 2013, the largest such breach in history. The number of affected accounts was double the number implicated in a 2014 breach the internet company disclosed in September and blamed on state-sponsored hackers.

Yahoo believes that the cookie-forging activity is linked to the same state-sponsored hackers, although the company would not name the state. Security experts have pointed to Russia and China as the usual suspects for these kinds of attacks, although some have questioned whether Yahoo would be a target.

It is not clear how many user accounts are affected by the malicious activity announced Wednesday, although a Yahoo investigation has revealed that it involved the use of forged cookies, which can be used to access people’s accounts without re-entering their passwords.

Yahoo told the Guardian that it first reported the cookie forging in a filing in November 2016 and outlined the issue in a security update in December 2016, although some users are only being notified this week.

A Yahoo spokeswoman said: “The investigation has identified user accounts for which we believe forged cookies were taken or used. Yahoo is in the process of notifying all potentially affected account holders. Yahoo has invalidated the forged cookies so they cannot be used again.”

Nintendo’s Ready to Reward You Up to $20,000 It's always nice getting paid to do something you love. That's why Nintendo is offering all Nintendo Switch owners a chance to find vulnerabilities before another hacker beats them to it first. Depending on the vulnerability you find, Nintendo is willing to shell out rewards st...

Notifications have been sent out to almost all affected users, although security investigations are still ongoing.

The news comes as reports suggest that Verizon is close to a renegotiated deal for Yahoo’s internet properties that would reduce the price of $4.8bn agreement by about $250m, following revelations about the company’s security breaches.

Leave a Reply

Your email address will not be published. Required fields are marked *