Application Security Weekly for May 13

Thousands of Companies Are Still Downloading the Vulnerability That Wrecked Equifax

http://fortune.com/2018/05/07/security-equifax-vulnerability-download/

 

Another fun iOS bug - The Black Dot of Death

https://www.cultofmac.com/546951/black-dot-of-death-bug/

 

The Nest doorbell doesn't invalidate existing OAUTH refresh tokens when the password is changed.  How could they miss that?

https://www.theinformation.com/articles/how-amazons-latest-security-device-let-people-spy-on-you

 

Introducing Throwhammer - Rowhammer over the network

https://thehackernews.com/2018/05/rowhammer-attack-exploit.html

 

And that's the news.

S

Comments are closed
Mastodon