09/12/2017 05:26 PM EDT Original release date: September 12, 2017
US-CERT is aware of a collection of Bluetooth vulnerabilities, known as BlueBorne, potentially affecting millions of unpatched mobile phones, computers, and Internet of Things (IoT) devices. A remote attacker could exploit several of these vulnerabilities to take control of affected devices.
US-CERT recommends that users and administrators read Vulnerability Note VU#240311 for more information.
Too many people are giddy about getting the green light for easier passwords, but aren’t reading the fine print.
BitCoin A Fraud?
JPMorgan CEO Jamie Dimon calls bitcoin — which is at more than $4,100 right now — a fraud, says it’s “worse than tulip bulbs.” (Reuters)
09/19/2017 04:56 PM EDT Original release date: September 19, 2017
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the following Apple security pages and apply the necessary updates:
09/20/2017 08:50 AM EDT Original release date: September 20, 2017
WordPress versions prior to 4.8.2 are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website.
US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 4.8.2.
NOT Experian! This time Equifax! Am I the only one who thinks that Equifax and TransUnion a both probably as poorly secured as Equifax? Have we forgotten the flood of retail breaches the followed hard on the Target Christmas breach? Why should this time be different?
More “Internet of Vulnerable Medical Things” from TechDirt – security researchers have discovered eight vulnerabilities in a syringe infusion pump used by hospitals to help administer medication to patients intravenously.
WordPress 4.8.2 is out, featuring nine security fixes website owners will want to apply, well, now.
All told, there have been six updates this year featuring security fixes, including January’s silent patch for a nasty zero day, this being the first since May’s v4.7.5.