Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Apple Releases Security Updates

09/25/2017 08:08 PM EDT Original release date: September 25, 2017

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:

And more Apple updates – Apple Releases Security Update for iOS

09/26/2017 03:41 PM EDT  Original release date: September 26, 2017

Apple has released iOS 11.0.1 to address vulnerabilities in previous versions of iOS. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Apple security page for iOS 11.0.1 and apply the necessary update.

Linux IoT devices used for spam

Now comes a new IoT botnet out to turn those devices into spam recipients and relays rather than a DDoS platform.  Reports credit the malware with the ability to send about 2800 spam messages a week through each compromised device.

Add FM Radio to your phone with Next Radio app

Not a security feature, but still cool.  Did you know there is an FM radio chip in most smart phones?  I didn’t, but I just installed Next Radio and I am listening to FM radio on my phone


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.