Security Snafus – May 2018
Approximately one year ago, we had highlighted the overabundance of information security-related issues that were prominently featured in the news. Organizations have apparently missed the memos and in-depth articles that provided valuable insight into how to avoid mistakes that impact the potential customer base. We’re only half way through this month, yet have been graced with the following gems:
- Chili’s payment systems were compromised with malware.
- Intel’s delays related to errata within “v1.0 fixes” and the associated lack of agility related to mitigating Spectre and Meltdown will be repeated for Spectre Next Generation (NG).
- Oracle Access Manager can be trivially exploited.
- Two undisclosed vulnerabilities in Microsoft’s ecosystem are being actively exploited.
- Vulnerabilities abound within adjunct tools that may automatically decrypt encrypted e-mails.
- Potentially misunderstood processor vendor debugging documentation resulted in this cross-platform fix.