InfoShield News November 17 2017

InfoShield News – November 17, 2017

Input validation takes a back seat to this vulnerability. A registration website had its interface easily bypassed, allowing the engineer who found the flaw to view some information about other registrants.

https://motherboard.vice.com/en_us/article/evb8yw/forbes-30-under-30-conference-website-exposed-attendees-personal-information

 

A slightly disturbing fact about old aircraft and how hackable they are. The article goes on to describe hacking an older plane that was parked in NJ and not in use. Although newer planes have better security, 90% are still using the older technology. Airlines claim an extremely burdensome cost if they were to try and change the code running these older planes.

http://www.aviationtoday.com/2017/11/08/boeing-757-testing-shows-airplanes-vulnerable-hacking-dhs-says/

 

This isn’t the first time MFA has been targeted in an attack against users. In this case it was against banks in Germany.

https://www.forbes.com/sites/forbestechcouncil/2017/11/15/the-evolution-of-the-password-how-to-protect-your-business-against-modern-security-threats

 

“The Android/TrojanDropper.Agent.BKY family was found in at least eight apps in Google Play so far, but the damage has been limited. Each of the apps only had a few hundred downloads before Google pulled them from the store, according to ESET, which discovered the malware family and notified Google.”

https://www.darkreading.com/mobile/stealthy-android-malware-found-in-google-play/d/d-id/1330440?

 

Another Black Tuesday has come and gone. Microsoft released a pile of patches, as did Adobe.

https://thehackernews.com/2017/11/microsoft-patch-tuesday.html

https://krebsonsecurity.com/2017/11/adobe-microsoft-patch-critical-cracks/

Leave a Reply

Your email address will not be published. Required fields are marked *