Security Briefing 11.15.16
Security firm Cylance has published a video showing how an attacker with physical access to Sequoia AVC Edge Mk1 voting machines can use a PCMCIA card to re-flash the device’s firmware and manipulate the voting tallies in memory. Happy voting!
Cisco last week prompted a password reset for the user accounts on its Cisco Professional Careers mobile website after a security researcher discovered a vulnerability in the portal.
US, UK, EU, AUS, NZ all join forces in Operation Hyperion – Oct 22-28, they collectively took down a number of TOR marketplace sites and made several arrests.
Something took Liberia’s internet offline and experts aren’t quite sure what. The Mirai botnet certainly attacked the infrastructure of the country and brought about a gaping security flaw in the ‘IoT’ devices, but there is no evidence to support this claim.
Virus, likely ransomware, effectively closes UK hospital, compromising systems and effectively diverting all planned operations and major trauma cases to others in area.
Microsoft to provide a safe training environment and cybersecurity protection to Norway world chess champion as he prepares to take on his Ukraine opponent in world championship match. Amid rising fears of ‘Russian Hackers,’ he reached out to Microsoft for protection of his training data and analysis. Microsoft agreed.
Mirai botnet is being actively upgraded at an alarming rate. The botnet source code has been making the rounds on the internet, picking up traction to be made better, faster, stronger.
Firefox has a very low market share of browser users, but has been continuously being made better over the last year, with free-lance white-hat hackers discovering and helping to patch over 130 serious vulnerabilities. UPDATE FIREFOX WHEN YOU CAN.
Scary vulnerability in Belkin WeMo devices (electrical switches, cameras, light bulbs, coffee makers, air purifiers, etc.) allows hackers to not only hack the devices, but to hack the android phone running the app that controls the devices.
White hat hacker releases worm that finds ‘IoT’ devices with default credentials and changes them. Interesting theory, nearly non-existent possibility that it will be used in the wild.