Wednesday, May 9, 2018

Rowhammer returns: PoC exploit shows Android attacks possible

Security Digest
Information security news and advice from TechTarget's network| May 9, 2018
TechTarget
FEATURED STORY
Remote Android Rowhammer attack possible, but scope limited
by Michael Heller, Senior Reporter
A new Android Rowhammer PoC proves an attack is possible, but an expert said the limited scope of affected devices and feasibility of performing the attack lessens the danger. (SearchSecurity.com)
Advertisement
NEWS
 
Microsoft patches Internet Explorer zero-day 'Double Kill'
Microsoft's Patch Tuesday for May includes fixes for two zero-day vulnerabilities under attack, including an Internet Explorer exploit known as Double Kill. (SearchSecurity.com)
 
Google I/O's security and privacy focus missing on day one
During Google I/O, security and privacy talk was surprisingly absent from keynotes, except for a few cursory mentions in indirect ways. (SearchSecurity.com)
 
Risk & Repeat: RSAC 2018 recap, part two
In this week's Risk & Repeat podcast, SearchSecurity editors discuss more trends and takeaways from RSA Conference 2018, from incident response services to AI and automation. (SearchSecurity.com)
 
AMD patches in testing with ecosystem partners
The timeline for the AMD patches promised to fix chipset flaws disclosed in March is being criticized, but AMD said the patches are being tested by partners and are still on track. (SearchSecurity.com)
 
Twitter bug exposes passwords of all 336 million users
On none other than World Password Day, a Twitter bug was announced that led to the passwords of all 336 million users being stored in plaintext in an internal log. (SearchSecurity.com)
 
Facebook APIs used by tens of thousands of malicious apps
News roundup: Researchers find tens of thousands of malicious apps use Facebook APIs and can access user data. Plus, AWS threatens to suspend Signal's use of the platform, and more. (SearchSecurity.com)
EXPERT ADVICE
 
How security automation and orchestration impacts enterprises
The use of security automation and orchestration systems is on the rise, as they have the ability to provide automatic responses to threats. Learn how this benefits the enterprise. (SearchSecurity.com)
 
Cloud DDoS attacks: How to protect your enterprise
Protecting an organization against cloud DDoS attacks doesn't have to be expensive. Expert Frank Siemons discusses the options for cost-effective DDoS protection. (SearchCloudSecurity.com)
 
How the BloodHound tool can improve Active Directory security
Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help. (SearchSecurity.com)
 
How will the new WPA3 protocol strengthen password security?
The development of WPA3 helps advance Wi-Fi protocol, as the next generation of Wi-Fi-enabled devices begins to demand more. Expert Michael Cobb explains how it differs from WPA2. (SearchSecurity.com)
About This E-Newsletter
This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for.

TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com

Copyright 2018 TechTarget. All rights reserved.
TechTarget

No comments: