Weekly Cyber Security News 16/03/2018

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Been a few surprises this week, the utterly bizarre and growing concern over new AMD vulnerabilities. Are they real? Maybe. Is there something else going on? Quite possibly. This one could go anywhere in the next few days:

• AMD Investigating Report of Vulnerabilities in its Microprocessors Israel-based firm says it found critical bugs in AMD’s newest chip families.

• Researchers Find Critical Security Flaws in AMD Chips

• Security Firm Under Fire Over Disclosure of AMD Chip Flaws

• CTS Labs Provides Clarifications on AMD Chip Flaws

Interesting to see Hacking Team are possibly back fully functioning:

• New Hacking Team Spyware Samples Detected: ESET

And a leak at a very popular UK exchange bureau:

• Used Tesco for your travel cash in the past? Your personal details may have been hit by a data leak at its provider Travelex Lee Boyce reports

Remaining bits…

• Data Breach Left Millions of Israeli Kids Pictures Vulnerable to Hacking Amitai Ziv reports

• SEC Charges Former Equifax Exec with Insider Trading CIO of a US business unit within Equifax had reportedly learned of the company’s data breach and sold his shares for nearly $1 million.

• Walmart jewelry partner exposed 1.3 million customer details Bob Diachenko writes

• Firefox 63 to Distrust All Symantec Root Certificates

• FlawedAmmyy RAT Campaign Puts New Spin on Old Threat A remote access Trojan, in use since 2016, has a new tactic: combining zip files with the SMB protocol to infect target systems.

• Hacked Japan Crypto Exchange Refunds Customers

• Hackers Can Abuse Text Editors for Privilege Escalation

• New ‘Mac-A-Mal’ Tool Automates Mac Malware Hunting & Analysis

• Researchers Demonstrate Ransomware Attack on Robots

• Microsoft Patches Over Dozen Critical Browser Flaws

• Facebook Flaws Exposed Friend Lists, Payment Card Data

• Microsoft Remote Access Protocol Flaw Affects All Windows Machines

• Pwn2Own: Microsoft Edge and Apple Safari fall on day 1