⚠️ If you're using the #WordPress 5.0 branch, update to version 5.0.1 now! ⚠️
Fixes for 7 #security vulnerabilities. Some allow site takeover, and also a pretty serious privacy leak.
Good research by Check Point security researchers. Quite shocking results, they found over 50 vulnerabilities in #Adobe Reader in 50 days. One of the bugs was already reported and being exploited in the wild.
Linux[.]org was hacked on Friday. Attackers switched DNS servers to their own site. Web admin recognizes that he should have put multi-factor authentication on his registrar account, but also blames Whois. Euhm, what?
#Linux #Infosec #CyberSecurity
New #Flash zero-day (CVE-2018-15982) actively exploited in the wild.
1) stop using Flash!
2) if 1 not possible, patch now!
Fake #iOS app offered to read users' heart rate and asked them to place their fingers on the Touch ID sensor to trick them into paying $90 for it. Already removed by Apple.
Atrium Health breached. Breach caused by the org's 3rd party billing vendor. Unauthorized access between September 22 and September 29. Names, addresses, DOB, insurance policy information, medical record nrs, account balances stolen.
Update VMware now! Patch for critical guest-to-host escape vulnerability CVE-2018-6983 available.
In other news I bought myself a lifetime Shodan subscription for only $5. The #BlackFriday2018 deal is on.
Well written @wired piece about the real risks of using free wifi nowadays
TL;DR: If you're no high-value target you're probably safe as most (commonly used) websites are served over HTTPS.
Russian banks hit by major #phishing attacks from 2 hacker groups.
The attack involved emails claiming to come from the Central Bank of Russia containing malicious .zip file attachments.
A Mastodon instance for info/cyber security-minded people.