Apple has released eight different patches for their AirPort Base Station which patched an issue that made it possible for an attacker to gain access to the system, and the devices connected to it. One such vulnerability used a memory leak bug that allowed devices to be subject to denial of service attacks. Updates for hub devices are critical, sometimes moreso than the devices that they service. Device hubs represent threats due to the lowered safety measures between connected devices, and an infected hub can allow access to every device in range. Phones may not communicate with each other much, but a wireless speaker used by a family interacts with several devices throughout the day.
Source: scmagazine.com/
Canadian financial institution Desjardins found itself involved in a massive breach of 2.9 million customers after an insider caused the leak. Included in this number is 170,000+ business customers data. The leaked information includes the name, date of birth, social insurance number, address, phone number, email address and details about their banking habits. This information does not include the passwords or security information of the users, although it could be used in the future to facilitate an attack. The date of birth and other info makes it easier to answer security questions, and knowledge of the consumer’s banking habits may allow for targeted phishing attacks against an individual.
Source: scmagazine.com
