IT Security Weekend Catch Up – April 19, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Facebook says it ‘unintentionally uploaded’ 1.5 million people’s email contacts without their consent
  2. Facebook now says its password leak affected ‘millions’ of Instagram users
  3. Russia fines Facebook $50 for failing to comply with local data privacy law
  4. Hackers could read your Hotmail, MSN, and Outlook emails by abusing Microsoft support
  5. Microsoft loses control over Windows Tiles subdomain
  6. A hacker has dumped nearly one billion user records over the past two months
  7. India’s Wipro investigating potential breach of some employee accounts + more information
  8. Cyber-security firm Verint hit by ransomware
  9. Former student destroys 59 university computers using USB Killer device
  10. ‘Flash Boys’ trading bots are running wild on crypto exchanges
  11. Hackers steal more than $50 million in cryptocurrency in 15 months
  12. Moscow server hosted WikiLeaks and Iran’s hackers weeks apart
  13. Demonoid founder ‘Deimos’ is believed to have passed away

For the more technical

  1. Oracle Critical Patch Update Advisory – April 2019
  2. New zero-day vulnerability CVE-2019-0859 in win32k.sys
  3. Internet Explorer browser flaw threatens all Windows users
  4. Security flaw in EA’s Origin client exposed gamers to hackers
  5. Linux: Privilege escalation by injecting process possessing sudo tokens
  6. Apache Tomcat patches important remote code execution flaw
  7. Adblock Plus filter lists may execute arbitrary code in web pages
  8. Reverse-engineering Broadcom wireless chipsets
  9. DNS hijacking abuses trust in core internet service
  10. DNS tunneling in the wild: Overview of OilRig’s DNS tunneling
  11. ‘Land Lordz’ service powers Airbnb scams
  12. Potential targeted attack uses AutoHotkey and malicious script embedded in Excel file to avoid detection
  13. Source code of Iranian cyber-espionage tools leaked on Telegram
  14. Pirates of Brazil: Integrating the strengths of Russian and Chinese hacking communities
  15. Spear phishing campaign targets Ukraine government and military
  16. Massive eGobbler malvertising campaign leverages Chrome vulnerability to target iOS users
  17. Chamois: The big botnet you didn’t hear about
  18. Electrum Bitcoin wallets under siege
  19. Miner malware spreads beyond China, uses multiple propagation methods
  20. Account with admin privileges abused to install BitPaymer ransomware via PsExec
  21. ‘NamPoHyu Virus’ ransomware targets remote Samba servers
  22. The Qrypter payload malware has been finally decrypted
  23. New HawkEye Reborn variant emerges following ownership change
  24. Inside Scranos – a cross platform, rootkit-enabled spyware operation
  25. Tchap: The super (not) secure app of the French government
  26. Tic Toc pwned – child tracking smartwatch API flaws
  27. FLASHMINGO: The FireEye open source automatic analysis tool for Flash

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *