A selection of this week’s more interesting vulnerability disclosures and cyber security news. So many juicy bits of news this week, well, in the usual sad way of course. An astounding story has come to light which while scant on actual details of the method (not surprising really), is still unnerving:
If you’re planning on diving into the shopping madness of the next month or so and value your data, you might want to keep an eye on IoT issues that have surfaced recently – its not just the retailers who will be rubbing their hands!
- CVE-2017-16867 Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process
Otherwise you could end up becoming another zombie in this interesting but alarming new botnet…
Other fun stuff…
- CVE-2017-16560 SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder
- Fasten data leak: Nearly 1 million user’s sensitive data mistakenly exposed by US ride-hailing firm India Ashok reports
- Re: An anti theft system allowing attackers to kill remotely the engine in electric scooters made by by INOKIM/MyWay, affected model model Quick 3 <p>Posted by pop shark on Nov 10</p>Hi, My last mail had a mistake, please don't publish it.<br> I'm adding a corrected version.<br> Thank you<br>