There's a Linux vulnerability called SACK Panic (among other names) that takes advantage of a kernel feature called Selective ACK. The feature lets systems tell the other side of the conversation how much data it's received, and it turns out it can be overflowed or fuzzed. The former creates a crash, and the latter creates a slowdown. You should patch. And if you have any services facing the internet running Linux, you should definitely patch. More
A Florida city paid $600,000 in bitcoin to get access to their data back from a ransomware gang. More
Magic Leap is suing former engineer Chi Xu for allegedly using his knowledge of the headset to make a version for China. More
The average security group is running over 50 security tools. As my friend Jeremiah once said when looking at a Momentum Partners slide, "Are we secure yet?" More
Amazon just got a patent for using delivery drones for surveillance. I don't necessarily think that means they'll use delivery drones for surveillance though. That's what a lot of the conspiracy theorists will say, though—just based on them getting a patent for using delivery drones for surveillance. Actually, the patent is a bit more benign than my joke implies. It's designed to monitor opted-in people's property, a lot like a house camera or a Ring device. Makes sense. But still. More
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.