IT Security Weekend Catch Up – August 10, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OUCH! newsletter: Got backups? (PDF)
  2. The risk of weak online banking passwords
  3. Monzo urges 480,000 customers to change their pin numbers
  4. Researchers show how Europe’s data protection laws can dox people
  5. Binance KYC data leak — crypto exchange sets $290,000 bounty on blackmailer
  6. Microsoft contractors are listening to some Skype calls
  7. Instagram ad partner secretly sucked up and tracked millions of users’ locations and stories
  8. 8chan refugees blow their anonymity
  9. Hundreds of exposed Amazon cloud backups found leaking sensitive data
  10. Amazon allegedly scammed out of $370K by 22-year-old’s return shipments of dirt
  11. AT&T employees took bribes to plant malware on the company’s network
  12. How AT&T insiders were bribed to ‘unlock’ millions of phones
  13. Iranian hackers suspected of cyberattacks on Bahrain

For the more technical

  1. With warshipping, hackers ship their exploits directly to their target’s mail room
  2. Google Project Zero: Vulnerability disclosure FAQ
  3. Apple gives hackers a special iPhone—and a bigger bug bounty
  4. Dangerous get-task-allow entitlement on iExplorer example
  5. Avaya VoIP phones harbored 10-year old vulnerability
  6. QualPwn – exploiting Qualcomm WLAN and modem over the air
  7. Security bugs in popular Cisco switch brand allow hackers to take over devices
  8. Unpatched KDE vulnerability disclosed on Twitter
  9. Steam Windows client local privilege escalation 0day
  10. Responding to Firefox 0-days in the wild
  11. Hackers can break into an iPhone just by sending a text
  12. WhatsApp protocol decryption for chat manipulation and more
  13. Basic Electron framework exploitation
  14. Reverse RDP attack: The Hyper-V connection
  15. Multiple vulnerabilities in NVIDIA Windows GPU Display Driver, VMware ESXi, Workstation and Fusion
  16. A Boeing code leak exposes security flaws deep in a 787’s guts
  17. SWAPGS attack: New side-channel attack bypasses Spectre and Meltdown defenses
  18. HTTP desync attacks: Request Smuggling reborn
  19. A technical analysis of the Capital One cloud misconfiguration breach
  20. iNSYNQ ransom attack began with phishing email
  21. New Echobot botnet variant uses over 50 exploits to propagate
  22. Some Fiberhome routers are being utilized as SSH tunneling proxy nodes
  23. The PDF invoice that phished you
  24. Varenyky: Spambot à la Française
  25. GermanWiper ransomware hits Germany hard, destroys files, asks for ransom
  26. Unmasking AVE_MARIA
  27. Corporate IoT – a path to intrusion
  28. DDoS attacks in Q2 2019
  29. APT41: A dual espionage and cyber crime operation
  30. Sharpening the Machete
  31. Canva security incident
  32. From the depths of counterfeit smartphones
  33. The Advanced Protection Program expands to Chrome

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *