Issue 77

Vacation still going :-)

Just like last week I'm still on vacation, so minimal mode it is. I selected the stories that jumped out to me, but without summarising or heavy filtering. Enjoy!



Researchers warn PGP and S/MIME users of serious vulnerabilities

There's a lot of uproar on the news itself, how it was disclosed and how valid the vulnerabilities are. I can't dig into all of it (vacation mode), but this article seems a good overview. This blogpost from Protonmail counters a lot of the hype as well.
csoonline.com


Security flaw impacts Electron-based apps (Slack, Atom, Discord, ..)


bleepingcomputer.com


Serious XSS vulnerability discovered in Signal


sophos.com


Mexico's banking system sees $18M siphoned off in phantom transactions


threatpost.com


Cardbreach announced at Chili’s restaurant chain


bleepingcomputer.com


Kaspersky to move data of most users from Russia to Switzerland


bleepingcomputer.com


Update all the things \o/

  • Hardcoded passwords found in Cisco enterprise software, again: link
  • Adobe doles out second round of of higher priority patches: link


Attackers use UPnP to sidestep DDoS defenses


threatpost.com


IBM employees banned from using portable storage devices


helpnetsecurity.com


Shadowy hackers accidentally reveal two zero-days to security researchers


bleepingcomputer.com


iOS 11.4 to disable usb port after 7 days: what it means for mobile forensics


elcomsoft.com


Sponsorship

The (easy) road to GDPR compliance

GDPR is coming, are you ready? If not, don't worry. Read this easy to follow whitepaper that gives practical advise on what businesses have to do to get started and become GDPR compliant.
netsparker.com


Remote lock & wipe your company's devices

Fleetsmith just released a new feature that allows you to remote lock and wipe your employee's devices if they get lost or stolen. They also let you manage your first 10 devices free, integrates fully with G Suite, and is used by yours truly every day.
fleetsmith.com