Neat video.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Original release date: June 9, 2022CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors…
Twitter was fined $150 million for using phone numbers and email addresses collected for two-factor authentication for ad targeting.
Interesting article about civilians using smartphones to assist their militaries in wartime, and how that blurs the important legal distinction between combatants and non-combatants:
The principle of distinction between the two roles is a critical cornerstone of international humanitarian law—the law of armed conflict, codified by decades of customs and laws such as the Geneva Conventions. Those considered civilians and civilian targets are not to be attacked by military forces; as they are not combatants, they should be spared. At the same time, they also should not act as combatants—if they do, they may lose this status…
Original release date: June 8, 2022CISA has added 36 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors an…
People are leaking classified military information on discussion boards for the video game War Thunder to win arguments—repeatedly.
Original release date: June 7, 2022CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) to provide information on ways in which People’s Republic of China (PRC) state…
Netflix has a new documentary series airing next week — “Web of Make Believe: Death, Lies & the Internet” — in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of “swatting” — wherein fake bomb threats or hostage situations are phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.
For Immediate Release 7 June 2022 Kolide receives a SOC 2 Type 2 Newton, MA – New England Safety Partners (NESP), an Information Security Consulting firm specializing in compliance frameworks, cloud security and business process analysis and implementation today announced that it has helped its client, Kolide, Inc., successfully complete the Service Organization Control (SOC) […]
Original release date: June 7, 2022Owl Labs has released security updates to address a vulnerability (CVE-2022-31460) in Meeting Owl Pro and Whiteboard Owl. An attacker could exploit this vulnerability to obtain sensitive information.
CISA encou…
