UpGuard has located another misconfigured AWS S3 bucket. This one belongs to Los Angeles County 211, an L.A.-based not-for-profit whose business is providing information and referrals for health and human services in the county. Among the 3.2 million personally identifiable files exposed are logs and notes on suicide distress and domestic abuse calls.
The speculative execution vulnerabilities at the heart of Spectre, Meltdown, and the recently disclosed "Variant 4" represent, observers say, issues at the foundation of most current chipsets. Many expect other flaws to emerge soon.
Trend Micro offers an update on the Confucius threat group. It's still spying on South Asian (mostly Pakistani) targets, but it's moved its infection vector from romance sites to adult content Android apps.
According to ESET, operators of the Turla Trojan package have moved away from the custom backdoors they've hitherto used in their Mosquito campaign. They now initially use Metasploit open-source pen-testing frameworks, then drop their Mosquito backdoor. Turla is widely regarded as run by Russian intelligence services.
Proofpoint outlines the "Brain Food" botnet, which is for the most part engaged in serving up dodgy nutritional products and regimes, often falsely branded as big successes on the popular plutographic TV show Shark Tank. The bots are hawking supplements to help you diet and make you smarter.
The US Administration is squeezing ZTE for leadership changes and China for trade concessions. Congress is skeptical—many members argue ZTE is a security risk.
Zuckerberg's EU testimony lays an egg. (EU questioners lay several, too.)