A selection of this week’s more interesting vulnerability disclosures and cyber security news. There has been some amazing breach notifications this week, none of which I will comment on as there’s plenty of articles already. First item of comment this week is an interesting article commenting on various hosting providers – are they fair points? How far should our trust go in that any service provider of any kind is doing their best to look after both ours, and their, property?
In a way I’m glad the implications are beginning to dawn on those who slap IoT everywhere. As with any security a level of paranoia is healthy:
At last! More assistance for a healthy WordPress install, thought my preference would be that it should also automatically go into maintenance mode, or shut down the site should the version of WordPress be way too old because the owner hasn’t kept on top of updates. But perhaps I’m in the minority in thinking that?
Continue on for the other manic news of the week:
- Cops told: No, you can”t have a warrant to force a big bunch of people to unlock their phones by fingerprint, face scans
- Hack Allows Escape of Play-with-Docker Containers Researchers created a proof-of-concept escape of Docker test environment.
- Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means.
- Popular Web-Hosting Platform Bluehost Riddled with Flaws, Researcher Claims He said that similar flaws were also found in the Dreamhost, HostGator, OVH and iPage web hosting platforms.