A selection of this week’s more interesting vulnerability disclosures and cyber security news. Starting off this week, something that is becoming a regular occurrence; researchers against vs vendor battles. This one in particular have flavours of MongoDB about it, and they eventually backed down and couldn’t depend on the users doing the right thing. This vendor may also have to take that route eventually:
While we all know about news of world events being a lure for phishing the inattentive public, on the other side of the coin, various interested parties also want to inside news but decide to go for the direct option:
Seeing its a ‘thing’ now in this slot to have a bash at IoT, what about this one? I just love the thought of this…
- IoT Robot Vacuum Vulnerabilities Let Hackers Spy on Victims Two vulnerabilities were discovered on Dongguan Diqee-branded vacuum cleaners, Thursday.
- New Scanner Aims to Protect Home Networks Software pinpoint vulnerabilities and offers suggestions for remediation.
- Robotic Vacuums May Hoover Your Data Researchers have discovered a pair of vulnerabilities that allow unauthorized code execution in a robotic vacuum.
Other fun news:
- UK: Independent Inquiry into Child Sexual Abuse fined £200,000 for revealing identities of possible abuse victims in mass email
- DanaBot Trojan Targets Bank Customers In Phishing Scam A new phishing scam purports to be MYOB invoices but really contains a novel banking trojan.