Welcome to This Week’s [in]Security. We’ve collected and grouped together a selection of this week’s news, opinions, and research. Quickly skim these annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.
Recent penetration test report on RDP showing significant systematic weaknesses and challenges to achieving secure configurations https://www.exploit-db.com/docs/41621.pdf (Note: the attack uses arp spoofing but could easily be implemented using wide area techniques like DNS compromise)