IT Security Weekend Catch Up – August 18, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. The Iraqi spy who infiltrated ISIS
  2. Russian hackers targeted Swedish news sites in 2016
  3. Russian-backed separatists are using terrifying text messages to shock adversaries
  4. FBI warns of ‘unlimited’ ATM cashout blitz
  5. Cosmos Bank loses $13.5 million in cyber attack
  6. BitConnect: How to lose $3 billion of Bitcoin
  7. Hanging up on mobile in the name of security
  8. Melbourne teen hacked into Apple’s secure computer network, court told
  9. Some 2.6 billion data records exposed in first half of 2018
  10. NSW Health medical records abandoned in derelict building
  11. Google tracks your movements, like it or not
  12. Banks and retailers are tracking how you type, swipe and tap
  13. Uber picks N.S.A. veteran to fix troubled security team
  14. NSA cracked open encrypted networks of Russian airlines, Al Jazeera
  15. Why you need a better handle on the WhatsApp, Signal and Telegram apps
  16. U.S. government seeks Facebook help to wiretap Messenger
  17. Facebook’s moderation – Hungarian experiences
  18. Toronto man sues Facebook $500,000 for ‘anxiety’ related to Cambridge Analytica breach
  19. Google boots open source anti-censorship tool from Chrome Store
  20. SentinelOne makes YouTube delete Bsides vid ‘cuz it didn’t like the way bugs were reported
  21. WikiLeaks’ founder tried to retaliate against hacktivist hero Barrett Brown
  22. U.S. Attorney moves to dismiss murder-for-hire charges against Ross Ulbricht
  23. LinkedIn hacking suspect refuses to cooperate with his lawyers
  24. Second Nigerian sentenced for phishing scam

For the more technical

  1. DEF CON 26 presentations
  2. Foreshadow: Breaking the virtual memory abstraction with transient out-of-order execution
  3. Analysis and mitigation of L1 Terminal Fault (L1TF) + Intel response
  4. Backdoor mechanism discovered in VIA C3 x86 processors
  5. Hacked satellite systems could launch microwave-like attacks, expert warns (PDF)
  6. A clever Android hack takes advantage of sloppy storage
  7. Voracle – compression oracle attacks on VPN tunnels
  8. Microsoft August 2018 Patch Tuesday
  9. Arbitrary, unsigned code execution vector in Microsoft.Workflow.Compiler.exe
  10. UAF vulnerability in VBScript engine affects Internet Explorer to run shellcode
  11. The problems and promise of WebAssembly
  12. The dangers of key reuse: Practical attacks on IPsec IKE (PDF)
  13. A bug that affects million users – Kaspersky VPN
  14. ICS-CERT warns of critical flaws in NetComm industrial routers
  15. Samsung Galaxy S7 smartphones vulnerable to hacking
  16. Vulnerable out of the box – an evaluation of Android carrier devices
  17. Clickjackings in Google worth 12644.7$
  18. Amazon AWS error exposes info on 31,000 GoDaddy servers
  19. How I chained 4 bugs into RCE on Amazon Collaboration System
  20. Vulnerabilities in fax protocol let hackers infiltrate networks via fax machines
  21. New SharePoint phishing attack affects an estimated 10% of Office 365 users
  22. New extortion tricks: Now including your (partial) phone number
  23. KeyPass ransomware
  24. IoT hackers trick Brazilian bank customers into providing sensitive information
  25. Necurs targeting banks with PUB file that drops FlawedAmmyy + more information
  26. Process Doppelgänging meets Process Hollowing in Osiris dropper
  27. Anubis is back: Are you prepared?
  28. Malware has no trouble hiding and bypassing macOS user warnings
  29. APT10 was managed by the Tianjin bureau of the Chinese Ministry of State Security
  30. Chinese cyberespionage originating from Tsinghua University infrastructure
  31. Reversing a Japanese wireless SD card
  32. Credit card skimmers now need to fear the Reaper (PDF)
  33. Low-level hacking NCR ATM
  34. De-anonymizing programmers from executable binaries (PDF)
  35. Who left open the cookie jar? A comprehensive evaluation of third-party cookie policies (PDF)
  36. Mozilla removes 23 Firefox add-ons that snooped on users
  37. Google: Expanding our Vulnerability Reward Program to combat platform abuse
  38. The new month of Burp pr0n

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *