IT Security Weekend Catch Up – April 17, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Internet voting is ‘not secure’ and blockchain won’t help, warns scientific body
  2. Dutch police take down 15 DDoS services in a week
  3. Security lapse exposed Clearview AI source code
  4. PayPal and Venmo are letting SIM swappers hijack accounts
  5. Over 500,000 Zoom accounts sold on hacker forums, the dark web
  6. Account details for 4 million Quidd users shared on hacking forum
  7. Phishing kit prices skyrocketed in 2019 by 149%
  8. Signal: 230, or not 230? That is the EARN IT question

For the more technical

  1. [VIDEO] OffensiveCon20 Talks
  2. Microsoft April 2020 Patch Tuesday comes with fixes for three zero-days + more information
  3. Oracle Critical Patch Update Advisory – April 2020
  4. Hackers are selling a critical Zoom zero-day exploit for $500,000
  5. TikTok vulnerability enables hackers to show users fake videos
  6. CVE-2020-7958 biometric data disclosure vulnerability in OnePlus 7 Pro Android phone
  7. Multiple kernel vulnerabilities affecting all Qualcomm devices
  8. Improper access control in VMware vCenter Server
  9. SAP Security Patches April 2020: 5 HotNews and 29 total fixes for SAP products
  10. Siemens industrial devices affected by ‘SegmentSmack’ Linux kernel flaw
  11. Discovering fake browser extensions that target users of Ledger, Trezor, MEW, Metamask, and more
  12. Grandstream and DrayTek devices exploited to power new Hoaxcalls DDoS botnet
  13. Inside the largest Connected TV bot attack
  14. Threat actors migrating to the cloud
  15. APT41 using new Speculoos backdoor to target organizations globally
  16. Guidance on the North Korean cyber threat (PDF)
  17. Grandoreiro malware now targeting banks in Spain
  18. Financial cyberthreats in 2019
  19. Malicious attackers target government and medical organizations with COVID-19 themed phishing campaigns
  20. Linksys forces password reset for Smart Wi-Fi accounts after router DNS hack pointed users at COVID-19 malware
  21. Russian state hackers behind San Francisco airport hack
  22. Massive data leak exposes US energy sector to cyberattack
  23. PoetRAT trojan targets energy sector using coronavirus lures
  24. RagnarLocker ransomware hits EDP energy giant, asks for €10M
  25. Sodinokibi Ransomware to stop taking Bitcoin to hide money trail
  26. COVID-19 goes mobile: Coronavirus malicious applications discovered
  27. Contact Tracing – Bluetooth Specification (PDF)
  28. You lost your second authentication factor. Now what?
  29. AiR-ViBeR: Exfiltrating data from air-gapped computers via covert surface vibrations

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *