Yahoo Has Been Hacked: What You Need to Know — Fortune

It’s a cyber catastrophe. Yahoo on Thursday confirmed a massive security breach that saw hackers steal personal information for over 500 million accounts. Yahoo YHOO says a foreign government is to blame. The incident is a big deal, since so many have a Yahoo account of some type or other — for email or finance…

via Yahoo Has Been Hacked: What You Need to Know — Fortune

Advertisements

FBI says state election boards targeted by hackers — TechCrunch

The FBI warned states to check the security of their election systems after hackers stole voter data from one state election board earlier this summer and attempted to access another this month. The attacks were revealed in an FBI bulletin sent to the agency’s private industry partners and obtained by Yahoo News. One state’s election…

via FBI says state election boards targeted by hackers — TechCrunch

Apple zero-days mark a new era of mobile hacking — TechCrunch

Krstic announced that Apple was launching a bug bounty program, offering $50,000 for zero-day vulnerabilities that allow malicious code exploits in the kernel, among other rewards. The thinking behind the bug bounty, according to Apple, is that discovering zero-day vulnerabilities — security problems that are unknown by a company but exploited by an attacker —…

via Apple zero-days mark a new era of mobile hacking — TechCrunch

When a Hack is More Than a Hack

hero_Hack-is-More-Than-a-Hack.jpgSource: Broader Perspectives

A Cybersecurity and Privacy Hub

Spies are constantly trying to steal things from foreign governments, and the development of hacking tools has allowed them to swipe sensitive records from thousands of miles away.

But when are hacks more than traditional spying?

Is there a line? And if so, when does one cross it?

The theft of sensitive and embarrassing records from the Democratic Party by hackers—or a hacker—is forcing U.S. officials to confront new questions about when cyber espionage poses a national security threat.

The hackers stole emails. They stole personal cellphone numbers and email addresses of lawmakers, some of whom have security clearances that give them access to top secret information.

The records weren’t just stolen. It also has been leaked to the public in a way that has proven damaging to political careers and even the security of officials. And more stolen information is expected to be released in the coming weeks and months.

It is the release of this information that is roiling—and embarrassing—U.S. officials. They are trying to understand the intent of the leaks of information about members of the Democratic Party.

Is it to shine a spotlight on the messy U.S. political process? Or is it an attempt to influence the election by damaging Democrats with voters?

“It appears to be the latest example of geopolitical ‘hacktivist’ harassment,” said Steve Grobman, chief of technology for Intel Security, a computer security company.

In 2013, Edward Snowden, a former National Security Agency contractor, stole information and then leaked it, saying he did it because the American public had the right to know the extent that the government was collecting information about ordinary Americans.

In recent weeks, a person or entity self-named Guccifer 2.0 has released stolen records from the Democratic National Party and the Democratic Congressional Campaign Committee, claiming to have done this to expose corruption in the Democratic Party.

The hacker, who many Democrats and some cybersecurity companies accuse of having ties to the Russian government, has obtained sensitive information, records that foreign spies could use to intercept communications from lawmakers.

Russia has denied involvement in the hackings.

If Guccifer 2.0 really is a spy network for a foreign country, wouldn’t the information be more valuable if it was held in secret and not shared with anyone with internet access? Wouldn’t that make it easier to eavesdrop on phone calls or monitor email accounts?

Democratic lawmakers are now changing their phone numbers, passwords, and maybe ditching their Gmail accounts.

Much could change if and when Guccifer 2.0’s real identity and motives are revealed. Is it a true-believer hacking group or a foreign government trying to embarrass the Democratic Party? Perhaps Guccifer 2.0 is someone else.

The Federal Bureau of Investigation is taking the lead in the probe of the stolen records, though the National Security Agency also is likely playing some role if a foreign country is involved. Many people have a theory as to who Guccifer 2.0 actually is, but the FBI and intelligence community are so far providing few details and the investigation remains at a sensitive stage.

It is unclear exactly how sensitive of a stage this is. Guccifer 2.0’s Twitter account, used to communicate about the hack, was suspended on Saturday. Then it was “unsuspended” several hours later.

This article was licensed through Dow Jones Direct. This article was previously published in the Wall Street Journal on August 14, 2016.

Homeland Security Is Investigating the Leslie Jones Website Hack — Fortune

The federal government is now looking into this week’s hack of comedian Leslie Jones’s personal website, in which hackers posted the Ghostbusters star’s personal information and nude photos stolen from her iCloud account. The Department of Homeland Security is investigating the incident, which took place on Wednesday. In addition to explicit photos, hackers posted images…

via Homeland Security Is Investigating the Leslie Jones Website Hack — Fortune