IT Security Weekend Catch Up – April 21, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Facebook moves 1.5bn users out of reach of new European privacy law + more information
  2. Deleted Facebook cybercrime groups had 300,000 members
  3. UK GCHQ spy agency warns telcos of the risks of using ZTE equipment and services
  4. Loud sound from fire alarm system shuts down Nasdaq’s data center
  5. Teen charged in Nova Scotia government breach says he had ‘no malicious intent’
  6. Bitcoin heist suspect reportedly walked out of low-security prison, onto flight
  7. Woman who hacked airline network busted through VPN logs
  8. The mystery hacker who stole data on 168 million people
  9. Hackers once stole a casino’s high-roller database through a thermometer in the lobby fish tank
  10. Hamas-linked spyware targeting Palestinians removed from Google Play store
  11. Apple might be trying to hinder GrayKey, the popular iPhone-unlocking device for cops
  12. A sobering look at fake online reviews
  13. Let’s stop talking about password strength

For the more technical

  1. Ransomware XIAOBA repurposed as file infector and cryptocurrency miner
  2. Tens of thousands of Facebook accounts compromised in days by malware
  3. Hacking group in Brazil targets IoT devices with malware
  4. Decoding network data from a Gh0st RAT variant
  5. The increasing affordability of Crimeware as a Service
  6. Q1 2018 results: Gozi (Ursnif) takes larger piece of the pie
  7. PBot: a Python-based adware
  8. Recent findings from CCleaner APT investigation
  9. Minecraft players exposed to malicious code in modified “skins”
  10. PowerHammer: Exfiltrating data from air-gapped computers through power lines (PDF)
  11. Over 20,000,000 of Chrome users are victims of fake ad blockers
  12. Roaming Mantis uses DNS hijacking to infect Android smartphones
  13. Google explains new Private DNS setting in Android P
  14. Opera VPN app to be permanently discontinued as of April 30th, 2018
  15. How Android phones hide missed security updates from you
  16. Oracle Critical Patch Update for April 2018
  17. What harm can come from missing 59,000 vulnerabilities?
  18. Apple Safari – Wasm section exploit (PDF)
  19. Drupalgeddon2 exploit added to Metasploit
  20. Drupalgeddon2 – an analysis of payloads observed in the wild + additional information
  21. CKEditor 4.9.2 with a security patch released
  22. A flaw could allow easy hack of LG Network-attached storage devices
  23. Device vulnerabilities in the connected home
  24. Foscam IP video camera firmware recovery unsigned image vulnerability
  25. Cisco has patched WebEx & UCS
  26. Critical vulnerabilities in Schneider Electric industrial solutions
  27. Rockwell Automation switches exposed to attacks
  28. Malicious activities with Google Tag Manager
  29. Whatsapp user’s IP disclosure with Link Preview feature
  30. Third-party trackers abuse Facebook Login
  31. Multiple million-plus-follower Instagram influencers report hacking
  32. LinkedIn fixes AutoFill button that allowed rogue harvesting of user data
  33. Guild Wars 2 monitored all running process in order to ban users
  34. Russian state-sponsored cyber actors targeting network infrastructure devices + more information
  35. Gold Galleon hacking group plunders shipping industry
  36. How a private intelligence platform leaked 48 million personal data records
  37. How crackers ransack passwords like “qeadzcwrsfxv1331”
  38. Browser password and passphrase generator audit
  39. Sitting with the cyber-sleuths who track cryptocurrency criminals

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *