5G networks must be secured from hackers and bad actors, zero-day vulnerability highlights the responsible disclosure dilemma, a flaw in multiple airline systems exposes passenger data, security bugs in video chat tools enable remote attackers, and an original World War 2 German message decrypts to go on display at the National Museum of Computing!
- 5G networks must be secured from hackers, bad actors, US senator says
- Unlimited crypotocurrency? Zcash fixes counterfeiting flaw
- National pen test execution standard would improve network security
- Security expert Marco Ramilli released for free the Malware Hunter tool
- Zero-day Vulnerability Highlights the Responsible Disclosure Dilemma | SecurityWeek.Com
- What do successful pentesting attacks have in common? – Help Net Security
- Lookalike domains: Artificial intelligence may come to the rescue – Help Net Security
- 8 months of GDPR: 59,000+ reported breaches, 91 fines – Help Net Security
- Flaw in Multiple Airline Systems Exposes Passenger Data
- When 911 Goes Down: Why Voice Network Security Must Be a Priority
- Micro-segmentation Security Firm Illumio Raises $65 Million | SecurityWeek.Com
- Security Bugs in Video Chat Tools Enable Remote Attackers
- Half of IoT devices let down by vulnerable apps
- Original WWII German message decrypts to go on display at National Museum of Computing
- Today is Shine a Light on Slavery Day Born out of the belief that even one person trapped in slavery is too many, #ENDITMOVEMENT is a coalition of the leading organizations in the world in the fight for freedom.
- Fewer Breaches in 2018, But More Sensitive Data Spilled
- What Can We Learn from the Healthcare Data Breach ‘Wall of Shame’?
- Tribe of Hackers FREE PDF Cybersecurity advice from the best hackers in the world
- Does HIPAA Apply to Medical Marijuana Facilities?
- Authentication and Key Management flaws in 5G Authentication and Security issues are being revealed in 5G which allow MITM and collection of other mobile user information. May also impact 4G & 3G protocols. Expect fixes by end of 2019 with second phase deployment.
- Phone number porting scam Scenario where you’re being asked to call someone who says you must provide a PIN first, this is the PIN for completing a phone port to Google Voice of your number.
- Discarded smart lightbulbs can reveal your passwords Discarded Lifx lightbulbs were found to store WiFi passwords and RSA private keys in the clear.
- LibreOffice and OpenOffice RCE flaw disclosed. Exploits the Python file parsing code to call functions and pass parameters. LibreOffice has a patch. Workaround: disable python support by renaming or removing pythonscrypt.py
- Vaporworms – a new variant of fileless malware threat. Preditcted to be the scourge of 2019 – vaporware is a new twist on fileless malware which is harder to track and find, e.g. payload in one registry key, and execution command in another.
- Apple Releases Multiple Security Updates iOS 12.1.4 and OS X 10.14.3 Supplimental Update to address Group FaceTime issue. Group FaceTime still appears disabled even with those updates applied as of the broadcast.
Follow us on Twitter: https://www.twitter.com/securityweekly
- RSA Conference 2019 is coming up March 4 – 8 in San Francisco! Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass! If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
- Join us April 1-3, at Disney’s Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
- Registration is now open for the first Security Weekly webcast of 2019! You can register for our “Rise Above Complex Workflows: Practical Ways To Accelerate Incident Response” webcast now by going to securityweekly.com/webcasts