In-brief: Software updates were released to address a serious and exploitable security flaw in the Linux kernel on Tuesday. The issue, in a feature called keyring, could impact embedded systems as well as mobile devices.
Patching
Flaw in Super Secret BlackPhone Underscores Third Party Risk
In-brief: Black Phone contains a security flaw that could enable a malicious actor to redirect phone calls or secretly send text messages from the device, according to a report from the firm SentinelOne. The culprit: vulnerable third party software.*
XFinity Smart Home Flaws Could Enable Burglars
A security flaw in smart home technology sold by Comcast could allow would-be burglars to disable door and window alarms using radio-jamming attacks, according to research from the firm Rapid7.
CERT Warns Wind Turbines Open to Compromise
In-brief: Wind turbines made by the UK firm XZERES Wind are susceptible to common, web-based attacks including cross site scripting, according to a warning published by the Industrial Control System CERT (ICS-CERT).
Check it Twice: Consumers Warned of Privacy, Security Pitfalls in Connected Gifts
In-brief: More than 50 million connected devices will be purchased this holiday season, according to the Online Trust Alliance. But consumers should be wary of privacy and security issues affecting Internet-connected products, the group said.
