Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


50th Anniversary of Apollo 11 Moon Landing

Apollo 11 was the spaceflight that landed the first two people on the Moon. Commander Neil Armstrong and lunar module pilot Buzz Aldrin, both American, landed the Apollo Lunar Module Eagle on July 20, 1969, at 20:17 UTC. Armstrong became the first person to step onto the lunar surface six hours later on July 21 at 02:56:15 UTC; Aldrin joined him 19 minutes later.


Hotspot finder app blabs 2 million Wi-Fi network passwords

If you used WiFi Finder, your passwords to both public and private networks have been left online in an unprotected database.


Once again, it’s 123456: the password that says ‘I give up’

A new survey says 46% of users find security confusing, which helps explain how that old clunker keeps popping to the top of breach lists.


Serious Security: Ransomware you’ll never find – and how to stop it

What if you got hit by ransomware – but the malware program itself was on the other side of the world where you’d never find it?


Drupal Releases Security Updates

Original release date: April 17, 2019

Drupal has released security updates to address multiple vulnerabilities in Drupal Core. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal’s security advisories SA-CORE-2019-005 and SA-CORE-2019-006 and apply the necessary updates.


Unpatched Docker bug allows read-write access to host OS

There are lots of books on tools and techniques to secure software containers, but what happens when someone discovers a basic architectural flaw? And what do you do when there’s no working patch for it?  That’s the situation in the Docker universe this week after Suse developer Aleksa Sarai uncovered a bug in the way that the container framework handles path names.


 

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.