IT Security Weekend Catch Up – April 22, 2017

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [PDF] Pathways into cybercrime
  2. US building a case against Wikileaks
  3. Fraudulent tax returns for 7 mln USD
  4. Amateur spying on spouses
  5. Ex-admin sabotaged company database

For the more technical

  1. Stealing sensitive browser data with the W3C Ambient Light Sensor API
  2. DOUBLEPULSAR shellcode analysis
  3. Link between recent NSA toolset leak and Stuxnet
  4. Analysis of some NSA tools
  5. Tool for searching for TrueCrypt containers
  6. Persistence based on Microsoft Office
  7. Some US banks accept passwords that are not case sensitive
  8. What happens when you report a 0day to a bank
  9. RCE in Squirrelmail
  10. Overview of EMEA region attacks
  11. Locating Kim Jong-un
  12. Fake Google certificates
  13. Multiple vulnerabilities in Linksys routers
  14. CSRF in Facebook mechanism
  15. Abusing corporate webmail for C&C and exfiltration
  16. Wrong 2FA implementation in LastPass
  17. Cardinal RAT analysis
  18. Malicious app existed for 3 years in Android store
  19. NSA’s 0day in cPanel patched a few months ago
  20. Critical vulnerability in a popular Drupal module
  21. Analysis of a possible member of Winnti group
  22. [PDF] Security analysis of open source libraries used in apps
  23. Unitrends software vulnerabilities part 1, part 2
  24. Whitehat worm attacking IOT
  25. Pentest reports repository
  26. CTF infrastructure hacked
  27. [PDF] Deanonymizing Monero
  28. Controversy around AV testing
  29. List of unfixed security bugs
  30. Deanonymizing Edge users
  31. Analysis of a malicious DOC file
  32. An interesing attack on Edge
  33. RCE on Asus projector
  34. Disarming EMET
  35. Hacking Belkin KVM
  36. Andromeda botnet campaign
  37. RCE via GIF file
  38. Mirai experiments with bitcoin mining
  39. Ursnif campaign analysis
  40. Attacks on CVE-2017-0199
  41. Malware avoiding detection
  42. [PDF] HTTPS traffic analysis
  43. {PDF] Magento RCE
  44. [PDF] CLDAP DDoS

Did you enjoy this list? You can retweet it and subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *