IT Security Weekend Catch Up – April 10, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [VIDEO] How Quad9 got started, DNS encryption, and how Quad9 protects your privacy and security
  2. Signal adds a payments feature – with a privacy-focused cryptocurrency
  3. Leaked phone number of Mark Zuckerberg reveals he is on Signal
  4. Adult content from hundreds of OnlyFans creators leaked online
  5. Data leak: 500 million LinkedIn user data for sale in underground forum
  6. LinkedIn spear-phishing campaign targets job hunters
  7. Dutch man gets two years in prison for hijacking 13,762 online store accounts
  8. Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack
  9. Google’s top security teams unilaterally shut down a counterterrorism operation

For the more technical

  1. Breaking RAR5 and 7Zip passwords
  2. BleedingTooth: Linux Bluetooth zero-click remote code execution
  3. Pwn2Own 2021 – schedule and live results
  4. [VIDEO] Pwn2Own 2021 – day one, day two, day three
  5. PHP language source code compromise attempt
  6. Zero click vulnerability in Apple’s macOS Mail
  7. Distributing unnotarized Mac apps in a text file
  8. RCE on Starbucks Singapore and more for $5600
  9. Attacker use of the Windows Background Intelligent Transfer Service
  10. Mobile handset privacy: Measuring the data iOS and Android send to Apple and Google (PDF)
  11. Cloudflare says new hCaptcha bypass doesn’t impact its implementation
  12. The rise and fall of illicit cardshop breached twice in two years
  13. Online gift card shop breached: 330k payment cards and $38m in gift cards exposed
  14. Finding malicious cryptojacking images in Docker Hub
  15. Fake jQuery files infect WordPress sites with malware
  16. Ziggy ransomware shuts down and releases victims’ decryption keys
  17. Vulnerability in FortiGate VPN servers is exploited in Cring ransomware attacks
  18. REvil ransomware now changes password to auto-login in Safe Mode
  19. New advanced Android malware posing as “System Update”
  20. New wormable Android malware spreads by creating auto-replies to messages in WhatsApp
  21. Gigaset smartphones infected with malware due to compromised update server
  22. A deep dive into Saint Bot, a new downloader
  23. BadBlood: TA453 targets US and Israeli medical research personnel in credential phishing campaigns
  24. What is Astro Locker Team?
  25. The leap of a Cycldek-related threat actor
  26. Threat group uses voice changing software in espionage attempt

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *