From Security Weekly WikiJump to navigationJump to search
#[https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/ Two malicious Python libraries caught stealing SSH and GPG keys | ZDNet]
#[https://hotforsecurity.bitdefender.com/blog/mystery-server-found-to-host-private-data-in-the-open-for-1-2-billion-people-21827.html Mystery Server Found to Host Private Data in the Open for 1.2...]
#[https://businessinsights.bitdefender.com/palo-alto-networks-employee-data-breach-highlights-risks-posed-by-third-party-vendors Palo Alto Networks Employee Data Breach Highlights Risks Posed by Third Party Vendors]
#[https://www.helpnetsecurity.com/2019/12/02/hacking-robotic-vehicles/ Hacking robotic vehicles is easier than you might think - Help Net Security]
#[https://www.inc.com/jason-aten/if-you-bought-a-smart-tv-on-black-friday-fbi-has-a-warning-for-you.html If You Bought a Smart TV on Black Friday, the FBI Has a Warning for You] - Huh? Backdoor through my router? ''"Beyond the risk that your TV manufacturer and app developers may be listening and watching you, that television can also be a gateway for hackers to come into your home. A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor through your router."'' - An attacker still needs a way to get software on the TV to spy on you, maybe it's a backdoor in an app that is installed on the TV, perhaps a backdoor in the firmware, maybe intercepting domains the TV's use to call out to apply updates or get other data. Suggesting that we put tape over the cameras is just silly. How about we address the actual security vulnerabilities, rather than send people into a panic and have them do things that don't really fix the problem?