There are two Yahoo conspiracy theories: It was hacked by a "state-sponsored actor," and it disabled email forwarding to prevent a post-breach exodus. Although neither scenario appears to be true, that doesn't mean the badly breached search giant is in the clear.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
Widespread website outages beginning early Oct. 21 are suspected to have been caused by a massive distributed denial-of-service attack against DNS service provider Dyn. Numerous sites, including Amazon and Twitter, were sporadically unavailable.
Some 3.2 million Indian debit cards may have been compromised, according to the National Payments Council of India. While investigations are ongoing and several banks have reissued at-risk cards, the source of the card exposure has not been officially confirmed.
Former NSA contractor Harold T. Martin III., who is accused of pilfering mass quantities of highly classified information, will remain in jail until his trial. Martin engaged in "a course of felonious conduct that is breathtaking in its longevity and scale," prosecutors say.
Yahoo is appealing to the U.S. director of national intelligence to declassify an order that allegedly required the company to install secret spying software that scanned incoming email accounts for specific content.
Yahoo, now negotiating its sale to Verizon, has posted an increase in quarterly profits and page views, bolstering its case that its massive data breach didn't irrevocably damage its value. But with ad revenues in decline, time is running out.
Russian hackers may think twice before traveling outside the country for a vacation in light of the arrest of alleged 2012 LinkedIn hacker "Yevgeniy N." by Czech police at a restaurant in Prague earlier this month.
WikiLeaks leader Julian Assange's interference in the U.S. elections has earned the Ecuadorian embassy in London's houseguest a slap on the wrist as his internet connection gets taken away. In the interim, maybe he can take up knitting?
The latest ISMG Security Report analyzes new state bank cybersecurity regulation and getting small healthcare practitioners engaged in cyber threat information sharing. Also, why one nation claims it never experienced a cyberattack.