Feb 28, 2017

Yahoo works to remedy cyber security gaps

bhisawa via Flickr CC

Yahoo has provided the Senate commerce committee with new details about its security breaches over the past four years. Here's what you need to know:

The damning tidbit: The accounts involved in Yahoo's series of breaches in 2013 and 2014 were mostly the same ones.

Yahoo hired a risk management executive and is reportedly more engaged with law enforcement than was previously public; it is working with federal, state, and foreign government officials about the breaches. Recall that Yahoo only learned of its 2013 breach in 2016 when user data turned up online.

The specifics on its cyber security updates: Yahoo is growing its Advanced Persistent Threat team to better deal with state-sponsored attacks (which likely caused the 2016 breaches). The company also takes a "kill chain" approach to detect attacks, runs a vulnerability assessment team that attacks its own products (the "red team"), and has a "bug bounty program" that pays those external to Yahoo to inform it of bad code.

Plus, Yahoo will present its briefing to the Senate committee via a committee it formed internally just to investigate the breaches. The briefing is not yet scheduled.

Go deeper

4 mins ago - Health

Medical journal retracts study that fueled hydroxychloroquine concerns

Photo: George Frey/AFP via Getty Images

The Lancet medical journal retracted a study on Thursday that found that coronavirus patients who took hydroxychloroquine had a higher mortality rate and increased heart problem than those who did nothing, stating that the authors were "unable to complete an independent audit of the data underpinning their analysis."

Why it matters: The results of the study, which claimed to have analyzed data from nearly 96,000 patients on six continents, led several governments to ban the use of the anti-malarial drug for coronavirus patients due to safety concerns.

George Floyd updates

Text reading "Demilitarize the police" is projected on an army vehicle during a protest over the death of George Floyd in Washington, D.C.. early on Thursday. Photo: Yasin Ozturk/Anadolu Agency via Getty Images

All four former Minneapolis police officers have been charged for George Floyd’s death and are in custody, including Thomas Lane, J. Alexander Kueng and Tou Thao, who were charged with aiding and abetting second-degree murder and aiding and abetting second-degree manslaughter.

The latest: A judge Thursday set bail at $750,000 for each of three ex-officers, AP reports.

John Kelly defends James Mattis against Trump attacks

John Kelly in the White House in July 2017. Photo: Cheriss May/NurPhoto via Getty Images

Former White House chief of staff John Kelly defended James Mattis on Thursday after President Trump attacked the former defense secretary as "the world's most overrated general" and claimed on Twitter that he was fired.

What he's saying: “The president did not fire him. He did not ask for his resignation,” Kelly told the Washington Post in an interview. “The president has clearly forgotten how it actually happened or is confused."