Mining passwords from public Trello boards

Cybersecurity enthusiast Kushagra Pathak discovered a vulnerability in Trello's web management that allows credentials to be mined from dozens of public Trello boards with simple Google queries.

Trello is a project collaboration tool for enterprise and personal use. By default, Trello boards are set to either private or team-visible only. That doesn’t stop users from manually sharing personal boards that include confidential information, which may later be indexed by search engines. The exposed credentials include usernames, passwords, API keys and more.

Users should never store credentials on public boards.
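One way to check your own boards for this exposure is to audit a board's JSON export for public visibility and credential-like card text. The script below is an added example, not code from the original report; the sample board is constructed, and the field names (`prefs.permissionLevel`, `cards[].name`, `desc`, `shortUrl`) are assumed to match Trello's board export format.

```python
import re

# Constructed sample shaped like a Trello board JSON export.
# Field names are an assumption about the export format; all values are fake.
SAMPLE_BOARD = {
    "name": "Ops notes",
    "prefs": {"permissionLevel": "public"},
    "cards": [
        {"name": "Staging DB login",
         "desc": "user: deploy\npassword: example-not-real",
         "shortUrl": "https://trello.example/c/card1"},
        {"name": "Sprint planning",
         "desc": "Move standup to 10am",
         "shortUrl": "https://trello.example/c/card2"},
        {"name": "CI config",
         "desc": "API_KEY=EXAMPLE0000",
         "shortUrl": "https://trello.example/c/card3"},
    ],
}

# Heuristic patterns for the credential types the article lists
# (passwords, API keys). They flag candidates for human review.
PATTERNS = {
    "password": re.compile(r"(?i)\b(pass(word)?|pwd)\b\s*[:=]\s*\S+"),
    "api key or token": re.compile(
        r"(?i)\b(api[_-]?key|secret|token)\b\s*[:=]\s*\S+"),
}


def audit_board(board):
    """Return board visibility and the cards whose text looks like a credential.

    Only the card URL and the pattern label are reported, so the audit
    output does not itself become another copy of the secret.
    """
    level = board.get("prefs", {}).get("permissionLevel", "unknown")
    findings = []
    for card in board.get("cards", []):
        text = f"{card.get('name', '')}\n{card.get('desc', '')}"
        for label, rx in PATTERNS.items():
            if rx.search(text):
                findings.append((card.get("shortUrl", "?"), label))
    return {"public": level == "public", "findings": findings}


if __name__ == "__main__":
    report = audit_board(SAMPLE_BOARD)
    print("PUBLIC board" if report["public"] else "non-public board")
    for url, label in report["findings"]:
        print(f"  {url}: possible {label}")
```

A finding on a public board means the credential should be rotated as well as removed, since the card may already have been indexed.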

Google search on Trello

Read more about it here.

Hackers stole a Las Vegas casino's high-roller database via its fish tank

Hackers once stole a Las Vegas casino's high-roller database via its fish tank, said Nicole Eagan, the CEO of cyber defense company Darktrace, on April 12, 2018, at the WSJ CEO Council Conference in London.

The hackers were able to breach the thermostat in the fish tank, which was used to control the temperature and quality of the water remotely. They then found the high-roller database, and then pulled that back across the network, out the thermostat, and up to the cloud. The name of the casino wasn’t revealed.

Hackers are increasingly targeting “internet of things” (IoT) devices to find their way into corporate networks.

Read more about it here.