Changes

From Security Weekly Wiki
Jump to navigationJump to search
1,058 bytes added ,  14:40, 15 May 2019
m
#[https://securityaffairs.co/wordpress/85426/hacking/gps-trackers-flaws.html White label GPS trackers hacked] Generic GPS trackers SIM can be reset by hackers to enable and change functionality such as enabling the microphone. Security appears to be an afterthought. Also the question of why these features exist in a GPS tracker comes to mind.
#[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 Microsoft RDP/wormhole patch] Microsoft issues patch for RDP services to close RCE hole. Patch includes Windows XP update.
#[http://arstechnica.com/information-technology/2019/05/whatsapp-vulnerability-exploited-to-infect-phones-with-israeli-spyware/ WhatsApp used to distribute malware] WhatsAPP on Android and iOS can be used to distribute malware. Update released 5.13 resolves the flaws.
#[http://thehill.com/policy/cybersecurity/443152-lawmakers-offer-measure-requiring-cyber-it-training-for-house US House of Representatives requires Information Security trainng] The US House of Representatives is just requiring itself to complete annual cyber training. In today's threat environment, quarterly and monthly training is more the norm, and NIST SP 800-53 already requires it for federal information system users.
#[http://www.fedscoop.com/supply-chain-threats-prompt-senate-legislation-training-acquisition-officials/ Supply Chain Security training legislated] Training proposed for acquisition officials on the heals of ASUS and other similar hardware issues. Supply chain defects bypasses traditional perimeter protections, and has to apply to anyone processing your dats.
== Jeff's Stories ==
<br><br>
323

edits

Navigation menu