Actually I'm pretty sure it's referring correctly to a singular probe. And unless you know something I don't, it's entirely plausible it's the result of a single data breach (e.g. the recent one at Anthem).
"Probing" software in this context means doing security audits. Nothing would have stopped the Russians from breaking into a big company like Ford or General Electric and stealing a copy of the software for them to then look for vulnerabilities.
This is like the Oracle rat hole where they tried to claim that security audits of their products could only be done with prior approval. That cat is way out of the bag.
Thank you, yes I'm aware of these. I was trying to focus on the fact that the person who found this security hole used it to get some of this data to himself. But apparently I wasn't clear enough.
I'm still trying to improve my English. Next time I'll try to be more clear. Thank you.
I'm sure it was, I'm just not so sure that it does a very good job at that.
I feel like the most obvious interpretation of this is "APT41 possibly accessed billions of devices" which is incorrect, they had the ability but it is known that they only accessed a rather limited set of devices.
I'm not sure what would've been a better title though, especially given the length restrictions ¯\_(ツ)_/¯
A plausible explanation is that they had seen the term somewhere and wanted to see what it means.
Another could be that the integrity search databases were compromised somehow and the term was introduced later. I don't know if this is technically feasible or not, but this shouldn't be discarded as a possibility, for sure.
And another is that what is claimed here is faked up and really never happened.
The speculation is always my favorite part of these things. Until we know, it could be anything - hacking, DDoS, bad engineering/sys admin, hardware failure, misconfiguration.
Are there any signs that this data is actually out in the wild? From the article, it was found, reported and fixed within 24 hours, and they claim there's no sign of other unauthorized access.
Whenever I read about things like this I just immediately assume the accidental data exposure was at the behest of an intelligence agency using an insider.
That'd make sense since what I read was that the attackers didn't actually target this company and that they gained the data by just randomly scraping. It'd also explain why they sat on this data for like two years.
That's a very good point actually. Though in this case they say the tip-off came from a law enforcement agency (I assume they mean an American one).
It's possible however that agency doesn't realise it's a clandestine operation by another US agency. Or they do, but now the operation is complete (this was three years ago) and they want a way of informing Yahoo about the breach without admitting who was behind it in the first place.
I meant that they are 'introducing' security fails so that once there'll be indications they're giving data to Uncle Sam they can claim they were hax'd.
But I'm not really serious with this 'conspiracy theory', it's just some food for thought/shitpostin'.
So let's speculate about what the article almost-but-doesn't-quite proposes:
The NSA, or related parties, was responsible for the breach. There was an investigation and postmortem, but because of an NSL or other gag-type order, they couldn't accurately publish what they discovered. So they figured that not releasing a report was better than releasing a report that either intentionally misled or pretended not to have figured out what happened.
I know, this is a pretty big leap. But regardless -- what does it mean? What are the ramifications if this is what happened?