Latest news from Naked Security (2019/03/05)

Companies are flying blind on cybersecurity

IT managers are flying blind in the battle to protect their companies from cyber attacks, according to a new Sophos survey.

Comcast security nightmare: default ‘0000’ PIN on everybody’s account

Comcast didn’t require an account PIN to switch carriers. Everybody uses 0000, it said, making it easier for customers… and phone hijackers.

Update now! Critical Adobe ColdFusion flaw now being exploited

Adobe has issued an urgent patch for a critical flaw in the ColdFusion web development platform it says is being exploited in the wild.

Windows IoT Core exploitable via ethernet

Microsoft’s IoT version of Windows is vulnerable to an exploit that could give an attacker complete control of the system.

Apple gets bug for free, while HackerOne declares first $1m bug hunter

An Argentinian has garnered $1m in bug bounties, while a German researcher has given up on getting any bounty at all from Apple.