A selection of this week’s more interesting vulnerability disclosures and cyber security news. A lot to get worked up about this week, and I will skip the majority of the noise about British Airways and yet more MongoDB related shenanigans, to highlight another kind of oversight: Deploying publicly accessible web content with Git and not cleaning up afterwards – or not doing it in the first place perhaps:

Not sure how angry I would be, not being a Chrome user, but its easy to understand. Certainly confusion when we’re told to watch out for similar domains used by phishing scams. Unexpected changes really don’t inspire confidence… But then who really pays attention anyway?

Have to get one IoT in and this article title really sums up all that is wrong:


Read on, and don’t get too worked up, its nearly the weekend…

Weekly Cyber Security News 14/09/2018