SECURITY NEWS
Security researchers found that Chinese electronics company Eufy (part of Anker) has major vulnerabilities in its security cameras. The issues include uploading data to the cloud when they said they weren’t, and the existence of a URL endpoint that allows an attacker to stream live video without encryption. MORE
Attackers are hitting a Redis vulnerability and deploying a new piece of malware called Redigo. Make sure you don’t have unnecessary/unsecured Redis (port 6379) listening on the internet. MORE
Two power substations were damaged by gunfire in North Carolina on Sunday. The damage caused power outages for tens of thousands and will take days to repair. MORE
TikTok’s CEO said in a recent interview about US TikTok data, “no foreign government has asked us for user data before, and if they did we would say no.” Appreciate that, but there’s not a foreign government we’re more worried about than yours. MORE
South Dakota has banned TikTok on state-owned devices. MORE
Rackspace had a security incident that took out their hosted Exchange services. They’re still investigating. MORE
LastPass can’t catch a break and has reported a third update to their original breach back in August. This time they’re saying that some customer data was accessed, but not any passwords because passwords aren’t accessible to them either. Stay strong, security team; this has to have been a rough 5 months. MORE
Vulnerabilities:
Nvidia has patched 29 GPU driver bugs that can lead to code execution and
Read more