Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- [PDF] Pathways into cybercrime
- US building a case against Wikileaks
- Fraudulent tax returns for 7 mln USD
- Amateur spying on spouses
- Ex-admin sabotaged company database
For the more technical
- Stealing sensitive browser data with the W3C Ambient Light Sensor API
- DOUBLEPULSAR shellcode analysis
- Link between recent NSA toolset leak and Stuxnet
- Analysis of some NSA tools
- Tool for searching for TrueCrypt containers
- Persistence based on Microsoft Office
- Some US banks accept passwords that are not case sensitive
- What happens when you report a 0day to a bank
- RCE in Squirrelmail
- Overview of EMEA region attacks
- Locating Kim Jong-un
- Fake Google certificates
- Multiple vulnerabilities in Linksys routers
- CSRF in Facebook mechanism
- Abusing corporate webmail for C&C and exfiltration
- Wrong 2FA implementation in LastPass
- Cardinal RAT analysis
- Malicious app existed for 3 years in Android store
- NSA’s 0day in cPanel patched a few months ago
- Critical vulnerability in a popular Drupal module
- Analysis of a possible member of Winnti group
- [PDF] Security analysis of open source libraries used in apps
- Unitrends software vulnerabilities part 1, part 2
- Whitehat worm attacking IOT
- Pentest reports repository
- CTF infrastructure hacked
- [PDF] Deanonymizing Monero
- Controversy around AV testing
- List of unfixed security bugs
- Deanonymizing Edge users
- Analysis of a malicious DOC file
- An interesing attack on Edge
- RCE on Asus projector
- Disarming EMET
- Hacking Belkin KVM
- Andromeda botnet campaign
- RCE via GIF file
- Mirai experiments with bitcoin mining
- Ursnif campaign analysis
- Attacks on CVE-2017-0199
- Malware avoiding detection
- [PDF] HTTPS traffic analysis
- {PDF] Magento RCE
- [PDF] CLDAP DDoS
Did you enjoy this list? You can retweet it and subscribe to one of our feeds on Twitter, Facebook or RSS.
1 thought on “IT Security Weekend Catch Up – April 22, 2017”