Executive News Roundup – February 4, 2018

All companies and organizations are required to disclose breaches and the numbers are a lot higher than ever according to a report by the Identity Theft Resource Center. Breaches now are even mainstream entertainment plots. In healthcare, most breaches were hacking/IT incidents, while there were many other reports of unauthorized access/disclosure, losses or thefts, and improper disposal of papers and films.

In the never ending news on Meltdown and Spectre, Microsoft released an out-of-band patch which actually enables users to disable a different patch by Intel because of “higher than expected reboots and other unpredictable system behavior“.

There are still not 100% effective solutions to address Meltdown and Spectre. There are more and more in-the-wild malware searching for machines that still are vulnerable to Meltdown and Spectre.

Mozilla released a critical patch for Firefox to address a remotely exploitable flaw. And Lenovo released a patch that allowed authentication bypass by using a hard-coded password.

On the flip side of patches, as of Feb 1, a zero-day bug in Adobe Flash Player has not been addressed yet. The bug is reported as being actively exploited to attack South Koreans by North Korea.

With hardware physical security, Jackpotting attacks are being reported in the US.

Although there are many benefits to fitness trackers, there are also downsides. Recently, soldiers’ fitness trackers revealed classified information regarding locations and routines.

There are many words that people use, but some of them are not in the dictionary. Well, the word “ransomeware” just made it into the Oxford English Dictionary!