Pizza Hut Breach

If you use your credit card at Pizza Hut‘s site or mobile app, you need to check the transaction history.  No details yet of how the hack happened.

WPA2 Krack Attack

A new vulnerability in WPA2 wireless security involving the encryption key handshake can be exploited to allow full access to traffic. Patches are forthcoming.

Note that traffic may have a second layer of encryption, such as https, which helps mitigate the risk.  Microsoft has already released patches for supported OSes.

Yahoo:All 3 Billion Accounts Hacked in 2013

All Yahoo accounts were affected in 2013’s hack.  It seems that the passwords were hashed using MD5, which is considered unsecure.

Breach at Sonic Drive Ins

Up to 5 million card details were put on sale via a dark web site.

Website JavaScript Mining Crypto Currency

Some Websites, such as the Pirate Bay and Showtime, have served Javascript to users via a browser to mine cryptocurrency.  This causes the computationally intensive mining to occur on the user’s PC.

CCleaner 5.33 Infected with Malware

If you’ve downloaded CCleaner, check the version number.  An infected version, signed with Avast’s certificate and delivered from official servers, contained malware.

BlueBourne:Full Access to Your Bluetooth Enabled Device

Full root access within 32 feet.  Android and Linux are particularly vulnerable.  Windows has been patched and Google has released patches for Android.  Apple devices may be immune.

Bashware:Malware Using Windows Subsystem for Linux

Windows 10 can have a bash (Linux command interpreter) shell via WSL.  This system can be used to create malware that can’t be detected at this time.

Equifax Breach: What You Should Know

Sensitive information on customers has been stolen from Equifax and here’s what you should know about it.

Android 8 Security Improvements

Google has hardened Android and improved security in multiple ways for the latest Android OS.