More IoT fun. Time to hack someone’s dishwasher. Yup, suddenly spying microwaves aren’t that crazy an idea.
Don’t say you weren’t warned: Miele went full Internet-of-Things with a dishwasher, gave it a web server and now finds itself on the wrong end of a bug report and it’s accused of ignoring.
Source: Dishwasher has directory traversal bug
Oh dear. Password manager with vulnerabilities. The team response is troubling to say the least. Lets hope they are really more competent than that.
In an eyebrow-raising declaration, according to Ormandy, LastPass had said they couldn’t get his code execution exploit to work, however the security researcher was calling the Windows Calculator executable in his code, while LastPass was examining the code on a Mac.
Google cyber-sleuth Tavis Ormandy has returned to examining LastPass, and a new lot of vulnerabilities have been discovered.
Source: LastPass hit by password stealing and code execution vulnerabilities | ZDNet
Get this: you are running Microsoft Edge in a VM and visiting a website. Your VM gets compromised and the malware jumps out of the VM to the host. The Qihoo security team has been coming up with a number of very impressive hacks.
Hack worked by stitching together three separate exploits.
Source: Virtual machine escape fetches $105,000 at Pwn2Own hacking contest [updated]
One of Amazon AWS service – specifically S3 – goes down (and recovers eventually) but many sites are affected. It’s not as bad as the Dyn DDoS attack but it’s a reminder how many companies now rely on Amazon to power their services.
Amazon’s S3 web-based storage service is experiencing widespread issues, leading to service that’s either partially or fully broken on websites, apps and..
Source: Amazon AWS S3 outage is breaking things for a lot of websites and apps
Edit (2017-03-03): Amazon released a summary of what happened. The tl;dr version is this: fat-fingered engineer.