Security Alerts & News
by Tymoteusz A. Góral

History
#1571 Five myths about machine learning in cybersecurity
Machine learning has long permeated all areas of human activity. It not only plays a key role in the recognition of speech, gestures, handwriting and images – without machine learning it would be difficult to imagine modern medicine, banking, bioinformatics and any type of quality control. Even the weather forecast cannot be made without machines capable of learning and generalization.

I would like to warn about, or dispel, some of the misconceptions associated with the use of ML in the field of cybersecurity.
#1570 Adobe fixes 81 vulnerabilities in Acrobat, Reader, Flash
Adobe patched 81 vulnerabilities across Acrobat, Reader, and Flash on Tuesday, including a handful of critical bugs that, if exploited, could allow an attacker to take control of a system.

The lion’s share of vulnerabilities – 71 in total – exist in the company’s Acrobat and Reader platforms.

According to a security bulletin published by the company on Tuesday, most of the Acrobat and Reader updates address memory corruption, use-after-free, and buffer overflow vulnerabilities – all of which can lead to code execution – in the software. Two additional patches fix a bypass restriction on JavaScript API execution and a separate security bypass vulnerability that existed in the software. The update brings Acrobat DC and Reader DC to version 15.006.30243 and Acrobat XI and Reader XI to 11.0.18 on both Windows and Macintosh machines.
#1569 IoT botnet uses HTTP traffic to DDoS targets
The IoT botnet behind some of the largest publicly recorded DDoS attacks is flooding its targets with HTTP traffic, generating more than one million requests per second in some cases, in order to bring down web applications.

The attacks were recorded prior to the release of the source code fueling the Mirai malware, which scans the public Internet for IoT devices guarded by weak or default credentials and corrals them into a giant botnet.

Researchers at Cloudflare today published a report on two recent attacks that characterize a recent switch away from SYN flood- and ACK flood-based attacks at Layer 3, to HTTP-based attacks at Layer 7.
#1568 Nuclear power plant disrupted by cyber attack
The head of an international nuclear energy consortium said this week that a cyber attack caused a “disruption” at a nuclear power plant at some point during the last several years.

Yukiya Amano, the head of the International Atomic Energy Agency (IAEA), didn’t go into detail about the attack, but warned about the potential of future attacks, stressing on Monday that the idea of cyber attacks that impact nuclear infrastructure isn’t an “imaginary risk.”
#1567 Microsoft patches five zero days under attack
Microsoft today patched a handful of zero-day vulnerabilities that have been publicly attacked in Internet Explorer, Edge, Windows and Office products. The security updates were included among 10 Patch Tuesday bulletins, half of which were rated critical by Microsoft.

Today also signaled the first time Microsoft issued security updates for older Windows versions (Windows 7 and 8, and Windows Server 2008 and 2012) as single, cumulative security and feature updates.