InfoSec Week 8, 2018

Posted on 22 February 2018

Fraudsters are impersonating authors and publishing computer-generated books so they can launder money via Amazon.

Crooks made over $3 million by installing cryptocurrency miners on Jenkins servers, exploiting a Java deserialization RCE vulnerability (CVE-2017-1000353) in Jenkins.

Tesla's Kubernetes installation in the Amazon AWS infrastructure was compromised by hackers. They set up a private cryptocurrency mining pool there.

The co-founder of WhatsApp, Brian Acton, has given $50 million to support Signal messenger and create a self-sustaining foundation. Very good news for this donation-funded privacy technology.

Hackers are exploiting the Cisco ASA vulnerability (CVE-2018-0101) in attacks in the wild.

Security researcher Troy Hunt published half a billion passwords collected and processed from various breaches. There is also an API for this dataset, and some statistics about password usage.

There is a critical vulnerability in Mi-Cam baby monitors that lets attackers spy on infants. At least 52k users are affected.

Public key cryptography explained in the form of IKEA instructions. Check the other images as well!
