Adobe has issued a quick fix for the Flash Player exploit that's been used in the wild against mostly South Korean targets. The attacks have been generally attributed to North Korean operators. North Korean cyber operators are also believed to be engaged in an ongoing campaign to steal cryptocurrency during the run-up to the Olympic Games.
Ledger hardware wallets have been found susceptible to man-in-the-middle attacks. There will be no patch; instead Ledger invites users of the cryptocurrency product to "verify your receive address on the device's screen by clicking on the 'monitor button'."
UpGuard has found another leaky Amazon Web Services S3 bucket. This one belongs to Octoly, a Paris-based firm that connects "influencers" on Instagram, Twitter, and YouTube with companies willing to provide them with goods and services for marketing purposes. Some 12 thousand influencers had their data exposed.
Dutch police have made an arrest in the distributed denial-of-service attacks that disrupted some of the country's financial institutions last week. It's an unnamed teenager from Oosterhout who rented a booter service for unclear reasons. That booter service may explain the Russian IP addresses reported to be associated with the attack traffic.
In testimony before the Senate yesterday, the US Securities and Exchange Commission recommended regulating cryptocurrencies.
In other Congressional hearings, Uber defended its odd "bug bounty" program, but the company also said it was wrong to delay disclosure of its 2016 breach.
In industry news, Proofpoint announced that it will acquire Wombat Security for a reported $225 million.