IT Security Weekend Catch Up – December 2, 2016

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security related news in one place, for your reading pleasure. Enjoy!

A bit less technical

1. Story of the ransomware attack on San Francisco Municipal Transportation Agency
2. Quick service restoration and no ransom payed in SF
3. Hacker responsible for the attack got himself hacked
4. Carleton University victim of ransomware attack
5. Customers of Liechtenstein bank blackmailed by hackers
6. Zynga sues 2 former employees over alleged massive data heist
7. Strange story around Riseup warrant canary
8. Another corrupt agent might have been involved in the Silkroad case
9. British National Lottery accounts hacked
10. US border agents search journalist’s phone
11. Apparent leak of xHamster users data
12. Japanese miliatry newtorks hacked – or not
13. On vulnerability disclosure
14. DDoS attack on European Commission
15. Cocaine Counter Intelligence 
16. Classified Europol files found via Shodan
17. Security, cyber and elections: part 1, part 2, part 3

A bit more technical

1. In-depth analysis of a huge Android malware campaign and a comment by Android chief of security
2. Huge law enforcement operation against a criminal network
   • Official statement from Europol
   • Statement from Shadowserver
   • Statement from Symantec
   • Statement from NCA
3. New Mirai and Deutsche Telekom:
   • Analysis of a large Mirai botnet
   • Almost 1 mln customers in Germany suffer from Mirai – related incident
   • Deutsche Telekom statement on Mirai incident
   • Deutsche Telekom router firmware analysis and testing
   • Mirai bot static and dynamic analysis
   • Analysis of Mirai attack by Fox-IT
   • Analysis of Mirai attack by Securelist
   • Analysis of Mirai attack by SANS
   • Analysis of Mirai attack by IBM
   • Interview with alleged Mirai botmasters
4. Firefox 0day
   • General report on Firefox 0day used in attacks on Tor Browser users
   • Detailed analysis of the exploit
   • Exploit analysis
   • Shellcode analysis
   • Quick fix by Mozilla
   • Vulnerable code was about 5 years old
   • The exploit attacked users of child porn site
5. Shamoon attacks return
   • FireEye article
   • paloalto article
   • Admin password discovered inside malware
   • Bloomberg article
6. Basics of ARM/MIPS malware analysis
7. MD5 collisions in malware analysis and tools
8. Owning Microsoft Azure Red Hat Update Infrastructure
9. Description of successful penetration testing in a casino
10. About Chrome on Windows and exploit mitigation
11. Real world example of 64-bit exploit development
12. NetWire RAT used to steal payment card data
13. Blind RCE on Facebook
14. Pwning coworkers with LaTeX
15. Analysis of Cerber ransomware campaign
16. Gatak trojan horse delivered with keygens
17. CyberChef – universal crypto convereter
18. Trading in compromised remote desktop services
19. Acquisition of a locked iPhone with a lockdown record
20. Malicious code and the Windows integrity mechanism
21. Microsoft silently fixes Windows kernel bug
22. On SMS 2FA security
23. Bypassing CSP using polyglot JPEGs
24. Analysis of Proteus bot
25. [PDF] Security analysis of implantable cardiac defibrillators
26. OSS-Fuzz: continuous fuzzing for open source software
27. Analysis of multiple vulnerabilities in AirDroid
28. SmsSecurity Android malware analysis
29. Malicious document analysis from macro to shellcode
30. FreePBX 13: from XSS to RCE
31. Bypassing supervisor password on ThinkPads
32. Hacking Paypal OAuth tokens
33. Side channel attack via sound of the fan
34. Analysis of a Hancitor campaign
35. [VIDEO] BSides Las Vegas
36. Juniper answers to BlackNurse threat
37. Rooting an appliance
38. Tricky authentication bypass at ubnt.com
39. Priviledge escalation in Android

If you found it useful, don’t miss next week’s edition – subscribe to one of our feeds on Twitter, Facebook or RSS.