Monthly Archives: September 2016

150,000 IoT Devices behind the 1Tbps DDoS attack on OVH

This is not the first incident in which a large number of IoT devices have been used to launch a DDoS attack. It’s a worrying sign that the number of compromised devices is getting larger and the technique is getting more popular.

The hosting provider OVH continues to face massive DDoS attacks launched by a botnet composed at least of 150000 IoT devices.

Source: 150,000 IoT Devices behind the 1Tbps DDoS attack on OVH

Hack Brief: Yahoo Breach Hits Half a Billion Users

Largest password breach so far – 500M users.

After earlier reports of a cybercriminal hack that affected 200 million users, the real breach turns out to be far more serious.

Source: Hack Brief: Yahoo Breach Hits Half a Billion Users

[2016-09-29]: Defending Against Hackers Took a Back Seat at Yahoo, Insiders Say. ‘Cos it doesn’t affect the bottom line, no?

“Yahoo is already suffering. I don’t think they’ll suffer more because of this,” said Avivah Litan, a security analyst with the research firm Gartner.
Ouch.

Beware: Windows 10 Signature Edition Blocks Installing Linux – FossBoss

Anti-competitive practice from Microsoft. Microsoft is apparently pressuring some hardware vendors to lock their BIOS to prevent installation of 3rd party OSes including Linux. Someone bought a Yoga 900 ISK2 and found that they can’t install Linux on it.

Just when you thought Microsoft was turning good, given all its open-source and Windows Subsystem for Linux efforts.

For you: If you see the “Windows 10 Signature Edition” badge on a laptop, DON’T BUY IT! You may not be able to install Linux (or any OS) on it, and there’s nothing you can do to the machine to change this currently.

Source: Beware: Windows 10 Signature Edition Blocks Installing Linux – FossBoss

Update (2016-09-22): Someone claims that the issue is overblown and that Microsoft isn’t forcing manufacturers to lock their BIOS. It’s Lenovo that is mishandling the whole thing.

Update (2016-09-22): Lenovo denies blocking installation of alternate OSes. Well, they didn’t exactly block it. They just didn’t make it possible. If Lenovo wants to keep its customers happy, it should release a BIOS patch that does exactly that.

The Dropbox hack is real

It’s not a suspected breach. Change your Dropbox password now.

Earlier today, Motherboard reported on what had been rumoured for some time, namely that Dropbox had been hacked. Not just a little bit hacked and not in that “someone has cobbled together a list of credentials that work on Dropbox” hacked either, but proper hacked to the tune of 68

Source: The Dropbox hack is real