IT Security Weekend Catch Up – November 17, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Credit freezes are one easy way to protect against identity fraud
  2. Russian man charged with running money-back-guaranteed criminal marketplace
  3. US vets targeted by foreign actors aiming to sway elections
  4. Ghost ships, crop circles, and soft gold: A GPS mystery in Shanghai

For the more technical

  1. Paged Out! #2 it’s free to download (PDF)
  2. November 2019 Microsoft Patch Tuesday
  3. Adobe patches critical remote code execution bugs in Illustrator
  4. SAP Security Patch Day – November 2019
  5. Android Firmware Vulnerabilities – November 2019
  6. Free antivirus apps requesting huge amounts of dangerous permissions they don’t need
  7. Opening Pandora’s box through ATFuzzer: Dynamic analysis of AT interface for Android smartphones (PDF)
  8. The road to Qualcomm TrustZone apps fuzzing
  9. New WhatsApp bug could have let hackers secretly install spyware on your devices
  10. TPM—Fail: TPM meets timing and lattice attacks (PDF)
  11. Cisco ASA & Firepower Threat Defense remote code execution vulnerability
  12. Experts found a backdoor in Siemens PLCs. Critical infrastructure and SCADA networks affected
  13. TCP amplification attacks
  14. DDoS attacks in Q3 2019
  15. Telegram MTProxy servers used to DDoS Iranian cloud provider
  16. NTRU public key cryptosystem explained
  17. Introduction to APK Reverse Engineering – bypassing Root Detection and Certificate Pinning
  18. All is XSS that comes to the .NET
  19. Injection points in popular image formats
  20. Bypassing authentication on SSH bastion hosts
  21. Clever WebEx spam use Cisco redirect to deliver RAT malware
  22. Iranian hacking group built its own VPN network
  23. More than a dozen obfuscated APT33 botnets used for extreme narrow targeting
  24. PureLocker: New ransomware-as-a-service being used in targeted attacks against servers

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *