Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- How Facebook and Google lost $100M
- Who is publishing NSA and CIA secrets and why
- [PDF] How Facebook fights fake news
- Interesting investigation in Google vs Uber case
- How is Hungary dealing with the Russian threat
- Russian carder story
- Employee accused of stealing employer’s source code
- Interesting news from Silk Road case
- How a troll army influences French elections
- Hosting company accused of insufficient protection of customer account
- Fitbit tracker used in a murder case
- Losing the equivalent of the value of your home via a hacked mailbox
For the more technical
- Verizon Data Breach Investigations Report 2017
- Dell Customer Connect privilege escalation
- SquirrelMail RCE
- GhostScript RCE (used to hack HipChat)
- OS X malware intercepts SSL connections
- Hundreds of apps open ports on smartphones
- WikiLeaks reveals CIA watermarking tool
- Insufficient SNMP authentication on many router models
- VM escape based on QEMU
- Detailed analysis of a campaign against Israeli companies
- How malware authors try to test their solutions
- [PDF] Internet fraud campaign report
- Critical Zabbix vulnerabilities
- [PDF] New tricks used by APT28
- Technical analysis of APT28’s new tricks
- Summary of APT attacks in Q1 2017
- Symantec answers Google
- Analysis of an allegedly secure email device
- Customer data leaked from secure phone company
- Extracting text messages from Google accounts
- Extracting location history from Google accounts
- Wordlists sorted by probability
- Two botnets fighting over modems of one ISP
- Control Flow Integrity implementation
- Attacking Control Flow Guard
- Auditing code for crypto flaws
- How was FlexiSpy hacked
- FlexiSpy app analysis: part 1, part 2
- Report on exploit use in real world attacks
- Elevation of privilege in Realtek audio driver
- Cloning car key signal
- FIN7 campaign analysis
- Hacking criminal infrastructure
- How was OWASP TOP 10 manipulated
- Authentication bypass in WD My Cloud
- Collection of PoC for multiple CVEs
- YubiKey user guide
- VMWare RCE
- Hyper-V vulnerabilities
- Tracking pixels used in real world attacks
- Personalized spam and phishing
- How cybercriminals communicate
- Analysis of Java malware campaign
- Locky campaign analysis
- Analysis of a large spam campaign
- XPan ransomware analysis
- Necurs botnet analysis
- Hajime botnet analysis
- Webroot removed key Window files
- RCE in IrfanView plugin
- Analysis of a malicious app attacking Facebook accounts
- Rig EK shellcode analysis
- Tunnelling C&C communications via DNS
- [PDF] Attacks against IT service providers
Did you enjoy this list? You can retweet it and subscribe to one of our feeds on Twitter, Facebook or RSS.
1 thought on “IT Security Weekend Catch Up – April 30, 2017”