A selection of this week’s more interesting vulnerability disclosures and cyber security news. A few items of particular note this week, one of which is very old news concerning Yahoo and comes as no surprise I expect to many. With any breach announcement, do we take the claimed numbers as reliable and pretend we weren’t affected, or should be just assume it was everything and react appropriately?
I bet you’ve noticed the increasing stream of fake emails with attachments? Now we know what they harbour and it’s certainly not nice. If you’re not educating your users, or ensuing macros won’t run every time a file is opened already, then you had better be locking things down before something else locks your system down in an expensive way:
A really curious bit of research on continuous authentication methods appeared in my feed this week. I feel it offers more than other attempts such as monitoring typing style, or facial features, and made me recall an old Linux proximity lock I tried years ago based on detecting the presence of my Bluetooth mobile phone. However that became an inconvenience if the phone was either left somewhere else or ran flat. Hopefully in this case I shouldn’t be without my heart; I think I would notice…
Other news this week:
- Equifax: Number of US Breach Victims Rises to 145.5 Million Credit bureau provides update on its breach investigation.
- Gaming Service Goes Down After Hacker Wipes Database and Holds It for Ransom Catalin Cimpanu reports
- Central Banks Propose Better Inter-Bank Security Institutions from the world’s largest economies want to improve security following abuse of inter-bank messaging and payment systems.