Attacks/Breaches

6/19/2017
11:05 AM
50%
50%

Accused Yahoo Hacker May Comply with US Extradition

A Canadian hacker accused of collaborating with Russian cybercriminals in the 2014 Yahoo breach, may waive his right to fight US extradition.

Canadian hacker Karim Baratov, accused of working with Russian intelligence agents in the 2014 Yahoo breach, may deny the right to fight a US extradition request, Reuters reports, citing the cybercriminal's lawyer.

Baratov is one of four people in custody for the breach, which compromised data of about 500 million Yahoo accounts. In March 2017, the DoJ charged him for working with Russian FSB officers to break into Yahoo systems and steal information from user accounts. Agents used this stolen information to access accounts from Yahoo, Google, additional webmail services, the email accounts of US and Russian government officers, International Monetary Fund, and companies in the US, Russia, and Switzerland.

Others currently being held for their participation in the Yahoo breach include Russian intelligence agents Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich Sushchin, as well as Russian national Alexsey Alexseyevich Belan.

Judges denied Baratov's bail on the grounds he is a flight risk. He is speaking with the FBI and US prosecutors, and plans to share his final decision at a July 7 hearing.

Read more details here.  

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
mutooshaml
50%
50%
mutooshaml,
User Rank: Apprentice
3/30/2018 | 2:22:19 AM
yahoo hacker
Most of the hacker are hacked yahoo acount.Accused yahoo hacker may comply with US Extraction.It is most important news and just to see this post immediately in this technique most of the people have misconception about yahoo mail account system.
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17437
PUBLISHED: 2018-09-24
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17438
PUBLISHED: 2018-09-24
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17439
PUBLISHED: 2018-09-24
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
CVE-2018-17432
PUBLISHED: 2018-09-24
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVE-2018-17433
PUBLISHED: 2018-09-24
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.