TaskRabbit (now owned by Ikea) was hacked this week. They are back up and have written an update, but aren't sharing much yet of what happened, only that personal information might have been compromised.
The network was built from over 52.000 compromised servers, mostly Wordpress sites. The creators redirect part of their traffic to malicious landing pages, and rented this "traffic as a service" out to others.
Even though your phone says you're fully patched, the vendor might have not included a few security updates.
Just a nice example of why IoT security is a thing. The 'smart' thermometer was used as a foothold to discover and extract a database with personal data on the casino's high rollers.
A total of 34 tech firms (Microsoft, Facebook, LinkedIn, ..) have committed to a number of promises: never help a government launch a cyberattack, build stronger defences, share intel with each other and empower customers to protect themselves better.
- Chrome has a new version out, where they move forward on distrusting Symantec certs, site isolation and preventing code injection: link
- Cisco has an update for a critical vulnerability in WebEx: link
- Intel is issuing a fix for a vulnerability where a local attacker can alter the behaviour of the firmware and cause it to reboot, crash or potentially execute code: link
Starting in version 70, due to come out in October, Chrome will remove http cookies after a certain time. They'll start with a year and work their way down.
It's Microsoft's version of Google's Safe Browsing API. It works of a different database than Google's and is apparently even better in detecting phishing sites.
Interesting article about the challenges of cyber insurance, from the point of view of the insurance company.
I wouldn't call it broken, but it's still an interesting article. The author registers himself as Stripe, Inc, but based out of Kentucky instead of Delaware, like the real Stripe. He then uses his company to get an EV certificate for Stripe, Inc.
Fleetsmith is a fantastic solution for keeping your macOS devices managed and secure, used by yours truly every day. It fully integrates with G Suite, and you can try it free with 10 devices for as long as you need.
GDPR is coming, are you ready? If not, don't worry. Read this easy to follow whitepaper that gives practical advise on what businesses have to do to get started and become GDPR compliant.