Ex-Yahoo employee avoids jail, despite hacking 6000 accounts, and stealing nude photos and videos

A former employee of Yahoo has been sentenced and ordered to pay a fine after exploiting his privileged access to hack into the personal accounts of thousands of Yahoo users, in his hunt for naked photographs and videos of young women.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #149: Falling in love with fraudsters

We take a trip to Staten Island, New York, to hear how a case of cyberstalking resulted in the arrest of 20 alleged mobsters, learn about the nude photo-loving insider threat at Yahoo, and discover how fraudsters might be boosting’s profits.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by Graham Cluley and Carole Theriault, joined this week by Ran Levi of “Malicious Life.”

Former Yahoo employee admits he hacked 6000 users’ accounts, stole nude photos and videos

A former Yahoo software engineer has admitted hacking into thousands of Yahoo users’ accounts in a search for naked images and videos of young women.

Read more in my article on the Hot for Security blog.

Sky worries users with phishy-looking password reset email

Sky could have done a better job when they designed their customer email to make it look less suspicious.

Naked celebrity photo hacker used to be a high school teacher

A former high school teacher is to plead guilty to hacking into the online accounts of celebrities and stealing naked photographs and other private information.

No, Michael J Fox isn’t dead

Calm down. Michael J Fox isn’t dead.

A rumour spread across social media that the star of sitcom “Family Ties” and the “Back to the Future” movie trilogy had carked it at the age of 57.

Jail for the man who helped Russia hack Yahoo’s email accounts

A hacker who lived the high life with expensive cars has been sentenced to jail for his part in a serious security breach at Yahoo.

Read more in my article on the Hot for Security blog.

The biggest hack in history is actually three times bigger than we feared

Yahoo’s 2013 data breach didn’t see one billion account records stolen by hackers after all. No, it was *three* billion…

US charges Russian FSB officials in connection with massive Yahoo security breach

The United States has charged four men, including two officials of Russia’s FSB intelligence agency, in connection with a hacking attack against Yahoo that saw the details of 500 million users stolen and the use of forged cookies to break into accounts.

Read more in my article on the We Live Security blog.

Yahoo CEO Marissa Mayer will miss out on cash bonus after security breaches

Also it is revealed that hackers accessed 32 million Yahoo user accounts in the last two years using forged cookies.

More Yahoo users warned of malicious account access via forged cookies

Some Yahoo users warned their accounts could be accessed by hackers – no password required.

Read more in my article on the Tripwire State of Security blog.

Yahoo sale to Verizon delayed, following revelation of massive security breaches

If you’re in the business of scooping up another company, you probably want to uncover all of its dirty little secrets before you hand over any cash.

Yahoo’s billion account database for sale on the darknet market

The records of more than one billion Yahoo users have reportedly been sold on the computer underground.

Read more in my article on the Hot for Security blog.

Yahoo hack – a billion reasons to change your email account

At one billion records, it’s the biggest data breach ever.

Check out my late night YouTube live stream about the incident, and read more.

Yahoo flaw, now fixed, allowed hackers to access any user’s email

Malicious code could have been used to compromise an account, forward messages to an external account, or even spread a Yahoo Mail-infecting virus.

Read more in my article on the We Live Security blog.

Some Yahoo staff knew in 2014 that it had been hacked

Yahoo has admitted that some of its staff knew back in 2014 that its systems had been breached by hackers.