Another week done, another week of news to recap. Good stuff as usual, enjoy!
- Cisco has warned of a 0-Day vulnerability affecting a large number of their switch models that was discovered in the massive “Vault 7” data dump. Vulnerability relies on an enabled Telnet connection, which hopefully you don’t have and are using SSH instead. However, if you do use Telnet for managing your CISCO switch, you might want to read on.
- Read More @ http://thehackernews.com/2017/03/cisco-network-switch-exploit.html
- A Turkish hacking is claiming to have access to 300 million iCloud accounts and will wipe the iPhones in question unless their ransom demands are met. Curious to see if there is any actual truth to this.
- Read More @ https://motherboard.vice.com/en_us/article/hackers-we-will-remotely-wipe-iphones-unless-apple-pays-ransom
- In possibly the biggest story of the week, the U.S Senate has voted to overturn the consumer privacy rules passed by the FCC last year that would prevent the ISPs from selling your private information. Essentially what this amounts too is that the Senate republicans don’t give a damn about your privacy, if it gets in the way of corporate profit. And to put the icing on this horrible decision, it also includes language that would essentially prevent the FCC for ever trying to do something similar in the future.
- Read More @ http://www.darkreading.com/vulnerabilities—threats/us-senate-overturns-obama-consumer-privacy-rule/d/d-id/1328479
- Second WikiLeaks dump of CIA documents shows some interesting information on the CIA’s subverting of iPhone and MAC security, showing that the agency might have even interdicted the iPhone supply chain to accomplish their goals.
- Read More @ https://www.nytimes.com/2017/03/23/technology/cia-spying-mac-computers-wikileaks.html?_r=0
- Next, an interesting read that takes a look at the value of certifications. Usually these articles I tend to ignore as they are a dime a dozen but this was an interesting read.
- Read More @ https://www.infosecurity-magazine.com/news-features/security-certifications-useless
- Trump announced a $1.5bn dollar security budget that is meant to go towards securing federal government, and critical infrastructure.
- Read More @ https://www.scmagazine.com/trump-announces-15bn-for-cyber-security-and-critical-infrastructure/article/645155/
- Last story of the day, a good read from Core Security on 5 common security mistakes. Check it out, interesting read.
- Read More @ https://www.coresecurity.com/blog/5-common-cyber-security-mistakes\