A selection of this week’s more interesting vulnerability disclosures and cyber security news. We are now in the new world of GDPR and apart from the trolls last week firing off legal cases because they can, we do have two more interesting items that could be real challenges to clarify what this new law can and can not do:
Talking of GDPR, a few lucky escapes perhaps under the new rules?
And to finish off with one of my favourite topics – obscure hardware attacks. This one is really nice:
- Sonic Tone Attacks Damage Hard Disk Drives, Crashes OS Attack uses ultrasonic sound waves to disrupt HHD read/write operations, which could lead to a system crash.
Other bits and pieces:
- Fraudsters Claim To Hack Two Canadian Banks Two Canadian banks reported that they may be targets of a hack after fraudsters claimed that they electronically accessed personal and account information.
- Huawei Patches Four Server Bugs Rated High Severity Huawei stamps out four high-severity bugs impacting 20 server models ranging from its XH, RH and CH lines.
- Singapore ISP Leaves 1,000 Routers Open to Attack Telcom firm leaves port open on customer routers after maintenance update exposing hundreds of customers to possible attack.
- FBI Warns Users to Reboot All SOHO Routers Everyone with a home router should reboot their systems as a precaution in the wake of the recently discovered VPNFilter attack infrastructure.
- Nocturnal Stealer Lets Low-Skilled Cybercrooks Harvest Sensitive Info The low-cost malware lowers the barrier of entry for carrying out advanced data exfiltration.
- Brazilian Banking Trojan Communicates Via Microsoft SQL Server Researchers have discovered a banking trojan making waves in Brazil with an array of tricks up its sleeve, including using an unusual command and control (C&C) server.
- Google Patches reCAPTCHA Bypass An exploit for the bypass vulnerability required an HTTP parameter pollution in a web application.