The Drupal team has released a patch that they call highly critical that allows an attacker to run arbitrary code on a Drupal web site with no authentication required. All they need to do is know the URL of the web site. Drupal rates the severity of the flaw a 21 on a 1 to […]
Continue reading → [DISPLAY_ACURAX_ICONS]The New York Times is reporting that The Hudson’s Bay Company that owns Saks Fifth Avenue and Lord & Taylor confirmed that some number of stores run under these names and also Saks Off 5th were hacked and 5 million credit cards are available to be sold on the black market. The breach is one […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last week there were multiple reports that Petah Tekvah, Israel based Cellebrite could unlock any iPhone up to and including the iPhone X running the most current version of the Apple OS, but you had to send the phone to them along with a check for $1,500, per phone. This week there is a report […]
Continue reading → [DISPLAY_ACURAX_ICONS]I am always skeptical about these lawsuits. One issue is usually “standing”, but in this case, I don’t think this will be an issue. Often, if the party being sued thinks they are going to lose, they tend to settle, quietly, with no precedent from a court decision. In this case, I predict this one […]
Continue reading → [DISPLAY_ACURAX_ICONS]The twins bugs of Meltdown and Spectre are a once in a career event for security pros. Most bugs are found quickly – these have been around for 20+ years. Most bugs affect one hardware platform like Intel or AMD or are not related to any specific hardware device. Spectre affects every modern computing processor […]
Continue reading → [DISPLAY_ACURAX_ICONS]Tech Crunch is reporting that Intel told customers about the Meltdown and Spectre flaws before the public announcement, but they did not tell the U.S. Government about it. Most of the time, it is the other way around. The U.S. Government knows about a flaw but doesn’t tell the company who can do something about […]
Continue reading → [DISPLAY_ACURAX_ICONS]