IT Security Weekend Catch Up – August 4, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OUCH! Security Awareness Newsletter: Smart home devices (PDF)
  2. Bank data for sale on the dark web rises by 135% every year
  3. Credit card issuer TCM Bank leaked applicant data for 16 months
  4. How criminals recruit telecom employees to help them hijack SIM cards
  5. How a hacker allegedly stole millions by hijacking phone numbers
  6. Meriton to pay $3 million for misleading consumers on TripAdvisor
  7. The year targeted phishing went mainstream
  8. This hacker party is ground zero for Russia’s cyberspies
  9. Suspected Russian spy found working at US embassy in Moscow
  10. The Baltic elves taking on pro-Russian trolls
  11. Lithuania: Russian app spying on users
  12. Countering ‘smart’ terrorists who use online gaming platforms
  13. TSA is tracking regular travelers like terrorists in secret surveillance
  14. The story of an NSA hacker

For the more technical

  1. Adventures in vulnerability reporting
  2. HP launches bug bounty program for printers
  3. HP Ink printers remote code execution
  4. Exploiting a Microsoft Edge vulnerability to steal files
  5. Symfony: Remove support for legacy and risky HTTP headers
  6. Critical vulnerabilities in WECON LeviStudioU
  7. Pegasus: analysis of network behavior
  8. SamSam: The (almost) six million dollar ransomware (PDF)
  9. Kovter uncovered – malware teardown (PDF)
  10. Attacks on industrial enterprises using RMS and TeamViewer
  11. Spam campaign abusing SettingContent-ms
  12. Malicious document targets Vietnamese officials
  13. New Underminer exploit kit delivers bootkit and cryptocurrency-mining malware
  14. Geodo and TrickBot malware morph into bigger threats
  15. Inside look at Emotet’s global victims and malspam Qakbot payloads
  16. BGP / DNS hijacks target payment systems
  17. Mass MikroTik router infection – first we cryptojack Brazil, then we take the world?
  18. How hack on 10,000 WordPress sites was used to launch an epic malvertising campaign
  19. Facebook phishing via SMS
  20. Google Play apps infected with Windows executable files
  21. Attacking the attackers
  22. Click on this iOS phishing scam and you’ll be connected to “Apple Care”
  23. Disclose Facebook internal server information with a strange poll
  24. On the hunt for Fin7 (Carbanak) + more information
  25. Three members of notorious international cybercrime group Fin7 in custody
  26. Multiple Cobalt personality disorder
  27. APT group RASPITE targets US electric utilities
  28. Amnesty International among targets of NSO-powered campaign + more information
  29. Creating a key generator to reset a Hikvision IP camera’s admin password
  30. Improving PHP extensions as a persistence method
  31. Making a Blind SQL Injection a little less blind
  32. PS4 Aux Hax – part 1, 2 & 3
  33. Exploitable or not exploitable? Using REVEN to examine a NULL pointer dereference
  34. iOS 12 Beta 5: One step forward, two steps back
  35. Introducing Web Authentication in Microsoft Edge
  36. Better slow than sorry – VirtualBox 3D acceleration considered harmful
  37. Thunderbird and Enigmail – audit report by Cure53
  38. The default OpenSSH key encryption is worse than plaintext

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *