A week in security (May 3 – 9)
Last week on Malwarebytes Labs, we discussed how Spectre attacks have come back from the dead; why Facebook banned Instragram ads by Signal; we highlighted the differences between the most popular VPN protocols; pointed out that Google is about to start automatically enrolling users in two-step verification, and how millions are put at risk by old, out of date routers.
Other cybersecurity news:
- Cisco HyperFlex web interface has a critical flaw. (Source: The Register)
- NSA advised to strengthen the security of operational technology (OT). (Source: Tripwire)
- Tesla automobiles vulnerable to compromise over WiFi. (Source: Kunnamon)
- Fix for critical Qualcomm chip flaw is making its way to Android devices. (Source: ArsTechnica)
- Multiple critical vulnerabilities in Exim Mail Server dubbed 21Nails. (Source: Qualys)
- Domain hijacking via logic error; Gandi and Route 53 vulnerability. (Source: Cyberis)
- Tour de Peloton: Exposed user data. (Source: PenTestPartners)
- Apple fixes 2 iOS zero-day vulnerabilities actively used in the wild. (Source: BleepingComputer)
- Google and Mozilla will bake HTML sanitization into their browsers. (Source: The Daily Swig)
- tsuNAME, a vulnerability that can be used to DDoS DNS. (Source: tsuname.io)
Stay safe, everyone!
The post A week in security (May 3 – 9) appeared first on Malwarebytes Labs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.