Risk Radar Free Cyber Newsletter – Dec 5, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

Apple Announces Emergency Patch to Fix High Sierra Login Bug
I just missed this event before last week’s Risk Radar. Apple has released patches for the login bug. All users of macOS High Sierra should apply the patch ASAP.
Data breach at PayPal’s TIO Networks unit affects 1.6 million customers
PayPal purchased TIO Networks in July 2017. A data breach that happened to TIO Networks has affected 1.6 million PayPal customers. It is not known what specific information has been compromised at this time. PayPal has said that impacted customers will be eligible for free credit monitoring.
Researchers call bull on Dirty Cow Patch, find flaw
The Dirty Cow exploit in the Linux kernel has been patched. Researchers have found a flaw in the patch that leaves many Linux distributions vulnerable to the Dirty Cow exploit. The vulnerability in the Dirty Cow patch is not as bad as the original exploit.
Cisco Patches Critical Playback Bugs in WebEx Players
Remote code execution vulnerabilities in Cisco Systems WebEx player have been patched. The bugs are related to recording in the WebEx player. There are no work arounds for these vulnerabilities other than the patches from Cisco.
Tech Support Scam Malware Fakes the Blue Screen of Death
While I don’t see the Windows blue screen very often these days it is know well enough for attackers to use it in a tech support scam. This attack presents the user with a blue screen that can’t be closed. A fake Windows utility tool offers to “help” you with the issue.
Cybersecurity is a Mess; Can Blockchains Fix It?
Blockchain technology is used in Bitcoin and other cryptocurrencies. This article brings up the uses for distributed ledger technology in the security field. It seems likely that Blockchain technology will be used in non-cryptocurrencies areas.