The security firm FireEye reported seeing a zero-day in use for Microsoft Word that infects you when you open the file, without requiring macro's to be enabled. Microsoft released a patch this Tuesday, April 11th.
The tornado sirens of the city of Dallas were hacked last Friday night, causing all 156 of them to go off throughout the night.
Kaspersky Lab researchers discovered that a Brazilian bank was completely hijacked, from website serving malware to corporate e-mail being shut down. All thanks to the fact that the attackers gained access to its DNS systems.
This is a report of a 'PDOS', Permanent Denial of Service aka 'phlasing' being executed by malware called Brickerbot. It tries to enter an IoT device by Telnet brute-force (like Mirai), and then goes on to corrupt storage, break Internet connectivity and wipe files.
Any website can ask for measurements of sensor data like motion and orientation information of mobile devices visiting them. Researchers show it can be used to determine one's PIN code.
Interesting sign of the times: AIG is presenting a product in their 'wealthy people' portfolio around personal cybersecurity, covering damages for data breaches and offering prevention through security advise and audits of personal devices, personal networks, social media, etc.
Fun and interesting read on 'Moonlight Maze', a hacker group that's been around since the 90's.
This is the 20th issue of this little newsletter :-) I love writing them, and am pleasantly surprised by the positive feedback. Thanks for being a part of it!
If you want to spread the love, feel free to do a shoutout on Twitter or forward this newsletter to someone who might find it interesting. Thanks!