IT Security Weekend Catch Up – August 27, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. The Ghostwriter scenario
  2. La Puente man steals 620,000 iCloud photos in plot to find images of nude women
  3. Nigerian ransomware: An inside look at soliciting employees to deploy DemonWare
  4. Liquid exchange hacked – $97 million stolen
  5. One disruption at a bank, a long legal battle and the case of a missing $9 million
  6. Apple photo-scanning plan faces global backlash from 90 rights groups
  7. Apple’s spy in the jailbreak community

For the more technical

  1. AWS privilege escalation: exploring odd features of the Trust Policy
  2. Razer bug lets you become a Windows 10 admin by plugging in a mouse
  3. Trend Micro: Linux Threat Report 2021 1H
  4. Kaspersky: Gaming-related cyberthreats in 2020 and 2021
  5. Academics bypass PINs for Mastercard and Maestro contactless payments
  6. From Pearl to Pegasus. Bahraini government hacks activists with NSO Group zero-click iPhone exploits
  7. Almost 2,000 Exchange servers hacked using ProxyShell exploit
  8. Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities
  9. Vulnerability in Bumble dating app reveals any user’s exact location
  10. CISA releases five Pulse Secure-related MARs
  11. Realtek SDK vulnerabilities weaponized for Mirai distribution
  12. LockFile: Ransomware uses PetitPotam exploit to compromise Windows domain controllers
  13. Indicators of compromise associated with OnePercent group ransomware (PDF)
  14. Ragnarok ransomware releases master decryptor after shutdown
  15. FortiGuard Labs Threat Landscape Report highlights tenfold increase in ransomware
  16. Ransomware groups to watch: Emerging threats
  17. New campaign sees LokiBot delivered via multiple methods
  18. FIN8 threat actor spotted once again with new “Sardonic” backdoor
  19. PRISM attacks fly under the radar
  20. Triada trojan in WhatsApp mod
  21. ShadowPad: A masterpiece of privately sold malware in Chinese espionage
  22. The SideWalk may be as dangerous as the CROSSWALK
  23. Cloudflare thwarts 17.2M rps DDoS attack — the largest ever reported
  24. How default permissions on Microsoft Power Apps exposed millions
  25. Microsoft warns thousands of cloud customers of exposed databases
  26. Confucius uses Pegasus spyware-related lures to target Pakistani military
  27. Here’s how to guard your enterprise against ShinyHunters

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *