A selection of this week’s more interesting vulnerability disclosures and cyber security news.
From time to time we hear stories of supply chain infections, and they tend to affect a low but still significant number of projects. One team, though, has gone a bit further to see how far they could take it. The results are sobering:
With references to the fiasco of the alleged Supermicro implant hardware, this little article poses some interesting ideas, though of course large-scale hacks, as opposed to one-off ones, are a different thing:
Talking of implants, this next article throws up a few surprises about how lax and unconcerned some are over crucial global supply routes:
In other news:
- Hundreds charged in internet’s biggest child-abuse swap-shop site bust: IP addy leak led cops to sys-op’s home
- Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS: The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit.