A selection of this week’s more interesting vulnerability disclosures and cyber security news. So many interesting snippets this week – in a disturbing way of course. We have a number of large breaches both self inflicted and the usual unsecured DB server, crypto-mining, ransomware and web scans for major products which were breached in hours after patches were released. Disturbing yes. Instead of all of those, the ones that drew my attention are a little more quirky. The first, especially if you happen to be in the EU is the growing alarm most are having over GDPR and I am really surprised the scammers have taken this long to start sending fake email. Its certainly going to get worse over the next couple of weeks so stay alert and don’t click on anything unless you are sure, and REALLY don’t on a mobile device where you can’t see the link you are about to follow:
Remote exploits on cars I find both particularly interesting and scary. This one went a little way in before the researchers felt it was too much to proceed further. Not sure if this is putting me off buying a new car or not… Might stick with my dumb non-connected one for a while longer…
The Rowhammer attack is another of those curious methods that I’ve been interested in over the years, and seeing it slowly develop into a viable attack method raised little alarm – until now. Now it appears to be a credible threat at least on Android. Take a look:
The other news: