WTH Security News March 9, 2020

Your weekly top 5 technical and security issues you should pay attention to: Kr00k is a new WiFi vulnerability affecting over 1 Billion devices. Great coverage on Security Now Episode 756. Wireguard is Arthur’s favourite new VPN. Not their service, but the protocol which you can run on your own infrastructure. An Android Security App…

WTH Security News March 2, 2020

Your weekly top 5 technical and security issues you should pay attention to: Firefox now defaults to DNS-over-HTTPS (DoH) in the US for new installs. Huge implications including user-unintentional security *bypass* for any security layers in companies that rely on DNS-based filtering. Sophos privatized (now completed) by Thoma Bravo. $3.8Billion acquisition. Apple uses its industry…

WTH Security News February 17, 2020

Your weekly top 5 technical and security issues you should pay attention to: Escaping the Chrome Sandbox with RIDL. Attacks only get more sophisticated. There’s finally a way to remove xHelper, the unremovable Android malware. Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Promiscuous Cookies and Their Impending…

WTH Security News February 10, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: 5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras. Patch patch patch. Facebook’s Twitter, Instagram Accounts Hacked. Always be careful with third party access! Signed hardware drivers used in order to delete security products. Always do security in layers.…

WTH Security News February 3, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Researcher Finds Over 60 Vulnerabilities in Physical Security Systems. Most of our favourite vendors are on that list. Sharepoint 2007 exploited in the wild, CVE-2019-0604 (Microsoft link). Hackers love .XYZ domains. Microsoft Leaves 250M Customer Service Records Open to the Web.Tomato Routers under attack. I wouldn’t be…

WTH Security News January 27, 2020

Your weekly top 5 “What the heck?” technical and security issues Nerds should pay attention to: BlueKeep use keeps growing in cryptocurrency mining and reverse shells. Windows 7 users vulnerable in IE and may never be fixed for out-of-support licenses. Endpoint Security (TrendMicro) zero-day was used to hack Mitsubishi. Microsoft Edge (Chromium-based) is out (even for macOS) and may…