Linux hacking, Petya, and Windows – Paul’s Security Weekly #520

July 5, 2017

Separating the hacked and the paranoid, remote Linux hacking, Petya goes postal at FedEx, today’s mainstream hacktivism tools, and why choosing Windows should get you fired!

Paul's Security News Stories

  1. Separating the Paranoid from the Hacked
  2. Choosing Windows for your organization should get you fired - I love this because it is to controvertial of a viewpoint, and rocks the boat: In the wake of yet another ransomware attack—this time named NotPetya—I have a special message specifically for those of you working in organizations that continue to run Microsoft Windows as the operating system on either your servers or your desktops: You are doing a terrible job and should probably be fired. I know. That’s harsh. But it’s true. If you haven’t yet replaced Windows, across the board, you absolutely stink at your job.
  3. Virus (cough, cough, Petya) goes postal at FedEx, shares halted - FedEx has suspended trading of its shares on the New York stock exchange after admitting that its subsidiary TNT Express has been hit by "an information system virus."
  4. US reveals new airport security measures to avoid expanding laptop ban
  5. IoT Vulns Draw Biggest Bug Bounty Payouts - Finding vulnerabilities tied to the Internet of Things (IoT) carries the potential to capture payouts that are considered among the most lucrative for bug hunters, according to reports released Wednesday by Bugcrowd and HackerOne. IoT and hardware bugs found in such devices as routers, webcams, wearables, and automobiles pay an average of $724 per submission, which is substantially higher than the overall average of $451 per submission last year, according to Bugcrowd. As a result, IoT and hardware targets are viewed as the targets with the highest value.'
  6. Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response
  7. The Life, Death, And Legacy Of iPhone Jailbreaking - Awesome article: Things, however, have changed. The jailbreaking community is fractured, with many of its former members having joined private security firms or Apple itself. The few people still doing it privately are able to hold out for big payouts for finding iPhone vulnerabilities. And users themselves have stopped demanding jailbreaks, because Apple simply took jailbreakers' best ideas and implemented them into iOS. I mean, you can also just buy a phone from Google and run Android...
  8. Doxing, DoS & Defacement: Today's Mainstream Hacktivism Tools
  9. Hacking nuclear submarines how likely is the nightmare scenario?
  10. Linux Systemd Bug Could Have Led to Crash, Code Execution
  11. WikiLeaks Reveals How CIA Malware Tracks Geo-Location of its Targeted
  12. Enterprises just as vulnerable to IT risk as SMBs, Netwrix survey finds

Jeff's Security News Stories

  1. How an Entire Nation Became Russia’s Test Lab for Cyberwar
  2. British Navy’s Advanced New Aircraft Carrier Reportedly Runs on Windows XP
  3. Nato warns cyber attacks 'could trigger Article 5' as world reels from Ukraine hack
  4. Latest Ransomware Wave Never Intended to Make Money
Full Show Notes [audio src="http://traffic.libsyn.com/pauldotcom/Security_News_-_Pauls_Security_Weekly_520_converted.mp3"]
prestitial ad