Latest news from Naked Security (2019/06/19)

Netflix researcher spots TCP SACK flaws in Linux and FreeBSD

Three vulnerabilities in the FreeBSD and Linux kernels could allow attackers to induce a denial-of-service by clogging networking I/O.

Pass the salt! Popular CMSs aren’t securing passwords properly

A group of researchers has discovered that many of the web’s most popular content management systems are using obsolete algorithms to protect their users’ passwords.

Hospitals are being suffocated by robocalls

Some pretend to be hospitals to get patients’ payment data. Others pose as the government and try to get confidential data from hospitals.

Millions of Venmo transactions scraped (again)

Not much has changed since a year ago, when a bot was tweeting out publicly visible Venmo “drug” deals from the public-by-default company.