Daily NCSC-FI news followup 2019-08-17

Apples Lawsuit Against a Startup Shows How It Wants to Control the iPhone Hacking Market

www.vice.com/en_us/article/d3a8jq/apple-corellium-lawsuit Apple sued Corellium, a company that makes virtual copies of iOS for researchers to practice hacking the iPhone on.

NSA asks Congress to permanently reauthorize spying program that was so shambolic, the snoops had shut it down

www.theregister.co.uk/2019/08/16/spying_reauthorization_coats/ In the clearest possible sign that the US intelligence services live within their own political bubble, the director of national intelligence has asked Congress to reauthorize a spying program that the NSA itself decided to shut down after it repeatedly and illegally gathered the call records of millions of innocent Americans.

Steam Security Saga Continues with Vulnerability Fix Bypass

www.bleepingcomputer.com/news/security/steam-security-saga-continues-with-vulnerability-fix-bypass/ A bypass for a recent Steam vulnerability that could allow malware or a local attacker to gain admin privileges has been disclosed on Twitter. This new method allows an attacker to bypass the fix created by Steam and exploit the vulnerability again.

Chrome add-on warns netizens when they use a leaked password. Sometimes, they even bother to change it

www.theregister.co.uk/2019/08/16/google_stanford_chrome_passwords/ Alerted to exposed credentials, users do something about it roughly a quarter of the time

US Customs and Border Protection says systems are being restored after earlier outage snarled international arrivals at airports

www.cnbc.com/2019/08/16/computer-issue-snarls-immigration-processing-at-airports-around-the-us.html U.S. Customs and Border Protection said Friday evening that systems around the country were being restored after an earlier outage prevented U.S. immigration officials from processing thousands of arriving passengers during a busy summer travel day.. There was no indication that the system was intentionally derailed, according to a CPB official.

Fake News and Influence: Information Warfare in the Digital Age

threatpost.com/information-warfare-power-misinformation/147452/ Its been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out.

To patch Windows or not: Do you want BlueKeep bug or broken Visual Basic apps?

www.zdnet.com/article/to-patch-windows-or-not-do-you-want-bluekeep-bug-or-broken-visual-basic-apps/ This week’s Windows updates fix critical ‘wormable’ flaws but may also break Visual Basic apps, macros, and scripts. What should you do?

Windows Updates Start Rolling Out to Fix Visual Basic Issues

www.bleepingcomputer.com/news/microsoft/windows-updates-start-rolling-out-to-fix-visual-basic-issues/ Microsoft has started to release new Windows updates that fix Visual Basic and VBScript issues that were introduced in recent updates. These updates are first rolling out for Windows 7 SP1 and Windows Server 2008 R2 SP1, Windows 8.1 and Windows Server 2012 R2, and Windows 10 version 1709.

Cloud security is too important to leave to cloud providers

www.zdnet.com/article/cloud-security-is-too-important-to-leave-to-cloud-providers/ As cloud rises to encompass to more corporate applications, data and processes, there’s potential for end-users to outsource their security to providers as well.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.