Feb 28, 2017

Yahoo works to remedy cyber security gaps

bhisawa via Flickr CC

Yahoo has provided the Senate commerce committee with new details about its security breaches over the past four years. Here's what you need to know:

The damning tidbit: The accounts involved in Yahoo's series of breaches in 2013 and 2014 were mostly the same ones.

Yahoo hired a risk management executive and is reportedly more engaged with law enforcement than was previously public; it is working with federal, state, and foreign government officials about the breaches. Recall that Yahoo only learned of its 2013 breach in 2016 when user data turned up online.

The specifics on its cyber security updates: Yahoo is growing its Advanced Persistent Threat team to better deal with state-sponsored attacks (which likely caused the 2016 breaches). The company also takes a "kill chain" approach to detect attacks, runs a vulnerability assessment team that attacks its own products (the "red team"), and has a "bug bounty program" that pays those external to Yahoo to inform it of bad code.

Plus, Yahoo will present its briefing to the Senate committee via a committee it formed internally just to investigate the breaches. The briefing is not yet scheduled.

Go deeper

Sanders requests recount of Iowa recanvass after results show shrunken margin

Photo: Joe Raedle/Getty Images.

Sen. Bernie Sanders said in a statement Tuesday night he will request a recount of the Iowa Democratic Party's recanvass results.

Where it stands: Both Buttigieg and Sanders requested partial recanvasses in Iowa last week after results were delayed and showed several errors following a software malfunction on caucus night.

Axios Dashboard

Keep up with breaking news throughout the day — sign up for our alerts.

Energy deputy secretary nominee faces heat after contradicting Trump

Mark Menezes speaks at a forum in Addis Ababa, Ethiopia, June 12. Photo: Minasse Wondimu Hailu/Anadolu Agency/Getty Images

Trump administration officials are internally raising concerns about President Trump’s nominee for Energy deputy secretary, who appeared to openly contradict the president on nuclear waste storage at Nevada’s Yucca Mountain last week.

Driving the news: While speaking at a House Energy and Commerce subcommittee hearing last Wednesday, Mark Menezes told members of the panel that the Trump administration is still interested in storing nuclear waste at Yucca Mountain and that “what we're trying to do is to put together a process that will give us a path to permanent storage at Yucca."