Followup Bloomberg’s controversial The Big Hack story SuperMicro released the results of an independent audit which found no evidence of hardware or software tampering on its motherboards — www.reuters.com/… & arstechnica.com/… The Marriott Breach Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing — www.nytimes.com/… An interesting related opinion piece […]
Continue readingMore TagAuthor: Bart Busschots
Security Bits – 24 November 2018
Notable Security Updates Adobe have issued an emergency patch for a critical bug in Flash — nakedsecurity.sophos.com/… Patch Skype for Business now or risk DoS via emoji kittens! — nakedsecurity.sophos.com/… Update now! Dangerous AMP for WordPress plugin fixed — nakedsecurity.sophos.com/… Microsoft pulls Office patches that are causing application crashes. Office365 users don’t need to take […]
Continue readingMore TagSecurity Bits – 02 November 2018
Followups Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story — www.buzzfeednews.com/… 🇬🇧 Facebook fined £500K for Cambridge Analytica saga — nakedsecurity.sophos.com/… Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks — krebsonsecurity.com/…
Continue readingMore TagSecurity Bits – Google Plus Data Breach, SSH Vulnerability, WhatsApp and D-Link Vulnerabilities, Apple Privacy Portal
Followup The Facebook hack: Facebook October 2018 security breach: Everything you need to know — www.imore.com/… Facebook opens up about data breach details — nakedsecurity.sophos.com/…
Continue readingMore TagSecurity Bits – Facebook Token Hack, Bloomberg Amazon & Apple Servers & China, Facebook Uses 2FA Numbers for Advertising
Security Bits – 5 October 2018 Followups 🇺🇸 The CA IoT security law discussed previously has been signed into law — www.theverge.com/… Google have announced plans to further limit what browser plugins can do in an attempt to crack down on the explosion in plugin-based malware we talked about last time — arstechnica.com/… & nakedsecurity.sophos.com/…
Continue readingMore TagSecurity Bits – Forced Smartphone Decryption Breaches 5th Amendment, Apple Fails to Remove Malicious App, Google & MasterCard Sharing Info
Followups Instapaper comes back to the EU at last — www.macobserver.com/… Facebook is refusing to comply with a GDPR data request, so a complaint has been lodged with the Irish Data Protection Commissioner (DPR). The DPR has opened an investigation, but has said the case is likely to get escalated from Ireland to the European […]
Continue readingMore TagSecurity Bits – Bad Times for Facebook, Data Transfer Project, Bluetooth Bugs, Malware in the Mail
Pre-amble (by Allison) — Bad Times for Facebook Facebook lost $120B in value after their July Earnings call, which is the biggest one-day stock fall in history — marketwatch.com/… One root cause is that European advertising growth in Europe “decelerated more quickly than other regions” because of GDPR. Facebook Chief Financial Officer David Wehner said, […]
Continue readingMore TagSecurity Bits – USB Protected Mode, Exactis Breach
Followups 🇪🇺 EU Copyright Directive: Italy Wikipedia shuts down in protest at EU copyright law — www.bbc.com/… Copyright Directive legislation voted down by European Parliament — nakedsecurity.sophos.com/… (This is not the end of this legislation, but it is a significant setback.) Spectre/Meltdown Another variant has been discovered, but it’s similar enough to previous ones that […]
Continue readingMore TagSecurity Bits – Mostly Good News
Followup Following on from security breaches at the 3rd-party companies all American cell phone companies were sharing real-time location data with, Verizon have announced they are ceasing all location data sharing (the other carriers have ended their relationships with some specifics companies, but not globally like this) — krebsonsecurity.com/… GDPR Fallout & Experiences: The Norwegian […]
Continue readingMore TagSecurity Bits – USB Restricted Mode, Apple’s Focus on Security in OS Announcements
Followups Telegram have now been able to update their apps on Apple’s non-Russian app stores — nakedsecurity.sophos.com/… The VPNFilter malware/botnet story continues to evolve as security researchers find more router makes and model are affected. Additions to the list include routers by Asus, D-Link, Huawei & ZTE — www.zdnet.com/…, nakedsecurity.sophos.com/… & www.imore.com/… 🇺🇸 As anticipated, […]
Continue readingMore Tag