Unfortunately I couldn't spend as much time on this issue as usual, because my wife and daughter fell ill this week. It's all hands on deck here, family comes first :-)
I included the most interesting links, but with less filtering and summarizing than usual. I hope you still get value out of it!
Breaches and leaks
- Veeam: data management and disaster recovery firm (ow, the irony). Exposed more than 440 million names and e-mails of a marketing database.
- FOIA.gov: US government site that deals with data transparency requests. After a site upgrade it started showing sensitive personal data, like social security numbers, that were previously masked.
- mSpy: another spyware maker, leaking millions of call logs, screenshots, location information and what have you.
- Schneider Electric: shipped USB's infected with malware with some of its products.
- NPower: energy company, sent personal and payment information of 5.000 customers to the wrong people.
- Microsoft had its Patch Tuesday, fixing 61 vulnerabilities, 17 of which are critical remote-code execution bugs.
- Cisco released a host of fixes for critical vulnerabilities.
- Adobe pushed security updates for Flash and Coldfusion.
- Mozilla patched nine security issues in Firefox 62, including one arbitrary code execution bug.