Apple closes that big root hole – “Install this update as soon as possible”

Apple has addressed its “logic error” surrounding credentials. Please patch your macOS High Sierra deployments as soon as possible.

https://nakedsecurity.sophos.com/2017/11/29/apple-closes-that-big-root-hole-install-this-update-as-soon-as-possible/

Apple Works to Fix Serious Mac Security Bug

If you are a Mac user or have Mac users you support, please take the time to mitigate this problem by setting the root password, following the instructions provided by Apple and referenced in these articles. Hopefully a patch is coming soon.

https://www.infosecurity-magazine.com/news/apple-works-to-fix-serious-mac/

https://www.macrumors.com/2017/11/28/macos-high-sierra-bug-admin-access/?utm_source=feedly&utm_medium=webfeeds

Uber Shock: Firm Hid Breach of 57 Million Users

Here is a little bit of warm and fuzzy reading for all as we enter into a huge travel season.  Uber was breached.  Bad!  Uber paid the bad guys to cover it up.  Worse!  Ultimately, the expense was passed along to a trusting consumer.  Worst and sadly typical!

I think it might be time to shift to Lyft or maybe even go back to supporting all the hard-working taxi drivers out there. Bad form, Uber. Bad form!

https://nakedsecurity.sophos.com/2017/11/22/uber-suffered-massive-data-breach-then-paid-hackers-to-keep-quiet/

https://threatpost.com/uber-reveals-breach-of-57-million-users-admits-to-covering-up-incident/128969/

https://www.infosecurity-magazine.com/news/uber-shock-firm-hid-breach-57/

https://blog.knowbe4.com/uber-total-loss-57-million-records-stolen-but-data-breach-was-hidden-for-a-year

Amazon Creates Classified US Cloud

The thread responses in this post from Bruce Schneier are almost as entertaining as the linked content from the Washington Post.  If you ever doubted that the cloud movement was unstoppable, it is time to reconsider.

On a lighter note, the arguments many will have with HIPAA and PCI consultants over cloud storage of sensitive data should get more entertaining.  “But Uncle Sam gets to do it…why can’t I?”

https://www.schneier.com/blog/archives/2017/11/amazon_creates_.html