Threatpost News Wrap, March 27, 2017
The latest Wikileaks dump of Apple hacking tools, the LastPass vulnerabilities, and a new Android security report are discussed.
Chris Brook
About
"Distrust and caution are the parents of security" - Benjamin Franklin
Malware That Targets Both Microsoft, Apple Operating Systems Found
A new strain of malware is designed to spread malware on either Mac OS X or Microsoft Windows, depending on where it’s opened.
LastPass Fixes Three Password Theft Vulnerabilities
LastPass has fixed three bugs in the password manager discovered by Google research Tavis Ormandy in the last 24 hours.
A critical vulnerability in Moodle, an open source system deployed across hundreds of thousands of universities, could expose the server to compromise.
Mozilla patched a zero day uncovered at Pwn2Own in Firefox in 22 hours on Friday.
Mike Mimoso talks to Duo Security co-founder and CTO Jon Oberheide at RSA Conference about Google’s BeyondCorp security model, enforcing perimeter security, how endpoint security has evolved through the years, and the future of passwords.
Hackers pulled off a VM escape and took down Adobe Flash, Microsoft Windows and Edge, Apple Safari and macOS, and Mozilla Firefox at Pwn2Own 2017.
Mike Mimoso and Chris Brook discuss the news of the week, including Pwn2Own 2017, Microsoft’s silence around February’s Patch Tuesday, and a nasty SAP bug.
GitHub awarded $18,000 to a researcher after he came across a remote code execution bug in the company’s enterprise management console.
On the first day of Pwn2Own 2017 hackers poked holes in Adobe Reader, Apple Safari, Microsoft Edge, and Ubuntu Linux.
