In-brief: researchers have demonstrated how a snooping Android application can turn an Android based smart television set into an omnibus surveillance device. Get ready for more IoT misappropriations like this.
Breaking Security News
On Data Breaches: Is Our Employees Learning?
In-brief: companies are doing a poor job of educating employees to prevent inadvertent data breaches and spot malicious insider activity, despite the stakes.
With $20m in Funding, IoT Startup Afero Talks Up Security
In-brief: Afero, a startup offering a platform for Internet of Things devices, scored a $20.3 million Series A financing round, in part by promising a scalable Internet of Things platform that doesn’t skimp on security.
EFF Warns of Security Culture Gap at Hardware Engineering Firms | TechCrunch
In-brief: A senior attorney at the Electronic Frontier Foundation warned about the security knowledge gap facing traditional engineering firms as they pivot to making connected devices.
‘Badlock’ Bug Tops Microsoft Patch Batch
Microsoft released fixes on Tuesday to plug critical security holes in Windows and other software. The company issued 13 patches to tackle dozens of vulnerabilities, including a much-hyped “Badlock” file-sharing bug that appears ripe for exploitation. Also, Adobe updated its Flash Player release to address at least two-dozen flaws — in addition to the zero-day vulnerability Adobe patched last week.
Source: badlock.org
The Windows patch that seems to be getting the most attention this month remedies seven vulnerabilities in Samba, a service used to manage file and print services across networks and multiple operating systems. This may sound innocuous enough, but attackers who gain access to private or corporate network could use these flaws to intercept traffic, view or modify user passwords, or shut down critical services.
According to badlock.org, a Web site set up to disseminate information about the widespread nature of the threat that this vulnerability poses, we are likely to see active exploitation of the Samba vulnerabilities soon.
Two of the Microsoft patches address flaws that were disclosed prior to Patch Tuesday. One of them is included in a bundle of fixes for Internet Explorer. A critical update for …read more
