Weekly Cyber Security News 18/03/2016

For well over a decade our focus at ionCube has been on PHP security but recently with the release of ionCube24 we have been looking into different kinds of vulnerabilities. This post has a few of the interesting issues we have found this week.

A selection of this week’s more interesting vulnerability disclosures and cyber security news including an attack on the Bangladesh Central Bank and how hacking Steam accounts is big business.

Cyber Security News Headline

The highlight (or is that the low-light?) of the week, the audacious attack on the federal reserves of Bangladesh Central Bank. A string of failures and missed alarm bells which by luck finally put an end to an impressive attempt.

• A typo stopped hackers siphoning nearly $1bn out of Bangladesh (The Register)

General

• After an easy breach, hackers leave tips (ArsTechnica
• Auto vulnerability scanners turn up nostly false positives (The Register)
• Code.org volunteer emails exposed in information leak (ZDNet)
• Hackers Attack DDoS Defense Hosting Firm (InfoRiskToday)
• Hotel light control hack illuminates lamentable state of IoT security (The Register
• Mechanic computers used to pwn cars in new model-agnostic attack (The Register)
• Microsoft stops accepting Bitcoin in Windows Store (The Register)
• No longer fun and games: Steam account hijacking becomes booming business (ZDNet)
• The Internet of dangerous, broken things (ZDNet)
• TLS isn’t up to the job without better credential protection says RFC (The Register)
• WordPress Configuration Error on XDA-Developers.com led to full Web-Server Access and shut down website