A selection of this week’s more interesting vulnerability disclosures and cyber security news. The news is often filled with enterprising hackers breaching complex systems, but what about the easy stuff such as what risks are there when you take any device into a repair shop or let someone you know with more skills loose on some precious bit of tech? We assume that these people are OK right?
Even if you don’t hand your kit over, just walking past a bunch of machines could put you at some kind of risk:
- Hackers can use Cortana to open websites on Windows 10 even if your PC is locked Tristan Greene reports
I’m always intrigued when an security alert pops up which only requires construction of a single network packet can take out a machine. This one may not be as great a risk as others in the past but I wonder how many network appliances/routers using embedded versions of FreeBSD could be affected, and if they will ever be fixed:
Other news of course…
- Second Ransomware Round Hits Colorado DOT A variant of SamSam sends CDOT employees back to pen and paper with two attack waves in two weeks.
- Millions of Office 365 Accounts Hit with Password Stealers Phishing emails disguised as tax-related alerts aim to trick users into handing attackers their usernames and passwords.
- Memcached DDoS Attack: Kill Switch, New Details Disclosed Corero shares a kill switch for the Memcached vulnerability and reports the flaw is more extensive than originally believed.