A selection of this week’s more interesting vulnerability disclosures and cyber security news. Biometrics again. Here’s the thing, you get the consumer all fired up and (as the article says) actually put in some good kit saying this is reliable, and then further down the line substitute it for something that is not so great; will the consumer be aware of the down grade? Most likely not. As with all authentications, biometrics included, don’t rely on just one key…
All the best tech in the world for securing transatlantic communications fails if you don’t cover basic physical security. There may be loads of automated bots constantly scanning for a way in, however, us meat-bags will always be the weakest link in any security chain:
Low hanging fruit are the mainstay of cyber criminals, and focusing on places where a lot of possible marks could be, and where they might have their guard down is a literal gold mine. Unfortunately gamers are one such group. How do you protect yourself from rouge game servers when a server list is presented which is hard to verify in-game?
Other mad news…
- That marketing email database that exposed 809 million contact records? Maybe make that two-plus BILLION
- Freelance devs: Oh, you wanted the app to be secure – The job spec didn”t mention that (The Register)
- Hackers cop a FILA thousands of UK card deets after slinking onto clothing brand”s servers (The Register)
- Microsoft changes DHCP to “Dammit, Hacked, Compromised, Pwned” Big bunch of security fixes land for Windows (The Register)
- Nah, National Cyber Security Centre doesn”t need its own minister, UK.gov tells Parliament (The Register)
- Threatlist: IMAP-Based Attacks Compromising Accounts at ‘Unprecedented Scale’ Attackers are increasingly targeting insecure legacy protocols, like IMAP, to avoid running into multi-factor authentication in password-spraying campaigns.
- GlitchPOS Malware Appears to Steal Credit-Card Numbers A new malware targeting point of sale systems, GlitchPOS, has been spotted on a crimeware forum.