IT Security Weekend Catch Up – August 19, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Criminals posting counterfeit Microsoft products to get access to victims’ computers
  2. Hackers attack UK water supplier but extort wrong company
  3. CS:GO trading site hacked to steal $6 million worth of skins
  4. How a third-party SMS service was used to take over Signal accounts + more information
  5. 5.7bn data entries found exposed on Chinese VPN
  6. Browser password managers – flawed security, by design
  7. Old laptop hard drives will allegedly crash when exposed to Janet Jackson music

For the more technical

  1. Starlink user terminal modchip
  2. Researching Xiaomi’s TEE to get to Chinese money
  3. Attacking Titan M with only one byte
  4. A new jailbreak for John Deere tractors rides the right-to-repair wave
  5. The new USB Rubber Ducky is more dangerous than ever
  6. One bootloader to load them all
  7. Process injection: breaking all macOS security layers with a single vulnerability
  8. Typosquatting campaign targeting Python’s top packages, dropping GitHub hosted malware with DGA capabilities
  9. Monero coinminer being distributed via Webhards
  10. Compromised YouTube accounts spreading malware
  11. Investigation report about the abuse of the Mac Appstore
  12. Real-time behavior-based detection on Android reveals dozens of malicious apps on Google Play Store
  13. BugDrop: the first malware trying to circumvent Google’s security Controls
  14. Threat in your browser: what dangers innocent-looking extensions hold for users
  15. IT threat evolution Q2 2022 + Non-mobile & mobile statistics
  16. SOVA malware is back and is evolving rapidly
  17. DarkTortilla malware analysis
  18. Disrupting SEABORGIUM’s ongoing phishing operations
  19. APT41 world tour 2021 on a tight schedule
  20. RedAlpha conducts multi-year credential theft campaign targeting global humanitarian, think tank, and government organizations
  21. APT-C-35 gets a new upgrade
  22. Overview of the 9 distinct data wipers used in the Ukraine war (PDF)
  23. How Google Cloud blocked the largest Layer 7 DDoS attack at 46 million rps

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
