A selection of this week’s more interesting vulnerability disclosures and cyber security news. Oh dear, seems the mad rush for Meltdown has backfired and has turned into a huge embarrassing mess for the industry. What to do…
- Intel Says to Stop Applying Problematic Spectre, Meltdown Patch Cause of reboot problems with its Broadwell and Haswell microprocessor patching now identified, the chipmaker said.
- Fallout from Rushed Patching for Meltdown, Spectre Not all systems require full patching for the flaws right now, anyway, experts say.
The hype with cryptocurrency looks to have bitten those that were hoping for a quick win. The scammers sure know how to make a great lure it seems:
To round off this summary, I loved this little quote… So true, even more so if you expose it to the internet – in which case without a backup you may not have a database for long!
- QOTD Quote of the Day: Until you have backups, you don’t have a database. What you have is a prolonged period of optimism.; Laurie Voss.
Go do a backup and enjoy the weekend.
- Bell Canada Hit with 2nd Breach in 8 Months Less than 100,000 customers affected in latest incident.
- Kaspersky Lab Seeks Injunction Against US Government Ban Revenues and reputation have taken a hit in the wake of the US Department of Homeland Security’s decision to prohibit use of its products and services by the feds, the company says.
- Personal details of 220,000 Malaysian organ donors and their next of kin leaked online Sharmila Nair reports
- UK: Top 500 Legal Firms Have Over a Million of Their Credentials Leaked on the Dark Web Rafia Shaikh reports
- Google Pays Researcher Record $112,500 for Android Flaw The bug bounty reward, given to a researcher who submitted a working remote exploit chain, is Google’s highest for an Android bug.
- You Break It, They Buy It: Economics, Motivations Behind Bug Bounty Hunting Some bug hunters make 16 times the median salary of software engineers in their home countries.