Information Security News
In filings with the Securities and Exchange Commission today, Yahoo laid out the severance packages for executives that will be leaving the company as it sheds its Internet business chrysalis and emerges as an Alibaba stock-holding company moth called Altaba. Marissa Mayer, Yahoo's chief executive officer, will receive a package of cash, stock, and benefits valued at a total of $23,011,325 at the completion of the deal, according to Yahoo's proxy statement. Of that, $3 million will be in cash.
Lisa Utzschneider, Yahoo's chief revenue officer, will receive a $16,536,363 severance package. Ken Goldman, Yahoo's chief financial officer, will get a $9,478,568 farewell. Yahoo cofounder David Filo will get $15,000 in cash and two years' worth of continued health insurance. Ronald Bell, Yahoo's general counsel, resigned on March 1; he gets no golden parachute.
The proxy statement filing is a preliminary copy of what will be sent to Yahoo shareholders in advance of the as-of-yet-unannounced special meeting to approve the Verizon acquisition of Yahoo's Internet business—a deal that lost $350 million of its value as the result of a string of data breaches uncovered during audits of Yahoo's systems. Mayer and other Yahoo executives reportedly knew of some of the breaches, which were blamed on a "state actor," well before the acquisition began. But users were still being informed of potential exposure of personal data because of an attacker using cookies forged to bypass user authentication as of February 17.
Back in 2005, I wrote a perl script to calculate multiple cryptographic hashes for me. We had md5sum and sha1sum, but I wanted a single script that could calculate whichever one I wanted or all of them at the same time. Well, the weekend before last, I rewrote it in Python and added SHA3 support. Ive added it to my githup scripts repo.I also added the -r switch to the Python version, so that it can be used to recursively hash all the files in a directory a la Jesse Kornblums hashdeep suite. Also, for consistency with Jesses recent release of his beta of sha3deep, I chose to use SHA3-384 for my SHA3 hash choice (in preliminary testing I had been using SHA3-256, but that could have been confused with SHA2-256 aka SHA256 as currently used by VirusTotal, etc.). By default, it will calculate all 5 hashes, or you can specify which ones you want with command-line switches. For example, sigs.py -m will give you output that should be identical to md5sum. Also, without the -f switch, it will show relative paths, with it, it will show full path. Enjoy.
[email protected]$ sigs.py -h
usage: sigs.py [-h] [-V] [-r] [-a] [-m] [-s] [-2] [-3] [-5] [-f] [-b blk]
FILE [FILE ...]
FILE files to hash
-h, --help show this help message and exit
-V, --version print version number
-r, --recursive recursive mode. All subdirectories are traversed
-a, --all All (MD5, SHA1, SHA256, SHA512, and SHA3-384), default
if no other options chosen
-m, --md5 MD5 signature (md5sum equivalent output)
-s, --sha1 SHA1 signature (sha1sum equivalent output)
-2, --sha256 SHA2 (aka SHA2-256) signature (sha256sum equivalent
-3, --sha3 SHA3-384 signature
-5, --sha512 SHA512 (aka SHA2-512) signature (note: base64 encoded
rather than hex)
-f, --fullpath print full path rather than relative
-b blk, --block blk block size to read file, default = 65536
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu