Remember the Yahoo data breach in September, where the well-known search and Internet company lost 500 million user accounts? That was pretty bad, right? Well it just got worse.
Yahoo has now learned (from law enforcement) that they actually lost over 1 billion user accounts, in what may be a different breach. Other than the pure scale of affected accounts, the types of lost information hasn’t changed much. Watch today’s video to learn more about the updated incident, and what you can do to protect all your accounts.
Episode Runtime: 3:23
Direct YouTube Link: https://www.youtube.com/watch?v=CE0zFXHvXQo
EPISODE REFERENCES:
- Another Yahoo breach leaks a record-breaking 1 billion accounts – Ars Technica
- Yahoo’s security disclosure on the newly discovered breach – Yahoo
— Corey Nachreiner, CISSP (@SecAdept)
What I really, really wonder is what the underlying operating systems are. that allow shit like to happen in the first place. Hmm let me take a wild wild guess, could it be Microsoft?? Because if it is, there is the [expletive] problem. Operating systems mad out of swiss cheese. [expletive] deplorable.
VMS, UNIX, IBM Mainframe…Dont have these [expletive] issue, but MS decided to build some fucking horrific nightmare that grandma can poke holes in,have no [expletive] clue how to fix it, and keep tuning out the same crap year after year. When is the [expletive] world going to wake up and kick these [expletive] in the teeth and switch to an Operating System that is a real multiuser, multitasking, true virtual compute model that has been around for 40 [expletive] years?? Why the [expletive] do developers need a separate machine from the Accounting machine. Because its build on Microcrap, so when one systems crashes, the whole [expletive] thing sinks to the bottom of the shit hole.
Security-wise, I personally think Microsoft’s OS has improved greatly since a decade ago. While you might argue it’s bloated and proprietary, they’ve actually made an “about-face” as far as secure coding, and adopting more privilege restrictions (seperation of user and admin via UAC). Sure, OSes like Linux were better in this regards in the early days, but MS has improved a lot.
Also, nix systems can be implemented badly too… Many IoT devices and routers are embedded Linux, and things like the Mirai botnet worked against this *nix based devices. Just my thoughts.