IT Security Weekend Catch Up – December 2, 2016

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security related news in one place, for your reading pleasure. Enjoy!

A bit less technical

  1. Story of the ransomware attack on San Francisco Municipal Transportation Agency
  2. Quick service restoration and no ransom payed in SF
  3. Hacker responsible for the attack got himself hacked
  4. Carleton University victim of ransomware attack
  5. Customers of Liechtenstein bank blackmailed by hackers
  6. Zynga sues 2 former employees over alleged massive data heist
  7. Strange story around Riseup warrant canary
  8. Another corrupt agent might have been involved in the Silkroad case
  9. British National Lottery accounts hacked
  10. US border agents search journalist’s phone
  11. Apparent leak of xHamster users data
  12. Japanese miliatry newtorks hackedor not
  13. On vulnerability disclosure
  14. DDoS attack on European Commission
  15. Cocaine Counter Intelligence 
  16. Classified Europol files found via Shodan
  17. Security, cyber and elections: part 1, part 2, part 3

A bit more technical

  1. In-depth analysis of a huge Android malware campaign and a comment by Android chief of security
  2. Huge law enforcement operation against a criminal network
  3. New Mirai and Deutsche Telekom:
  4. Firefox 0day
  5. Shamoon attacks return
  6. Basics of ARM/MIPS malware analysis
  7. MD5 collisions in malware analysis and tools
  8. Owning Microsoft Azure Red Hat Update Infrastructure
  9. Description of successful penetration testing in a casino
  10. About Chrome on Windows and exploit mitigation
  11. Real world example of 64-bit exploit development
  12. NetWire RAT used to steal payment card data
  13. Blind RCE on Facebook
  14. Pwning coworkers with LaTeX
  15. Analysis of Cerber ransomware campaign
  16. Gatak trojan horse delivered with keygens
  17. CyberChef – universal crypto convereter
  18. Trading in compromised remote desktop services
  19. Acquisition of a locked iPhone with a lockdown record
  20. Malicious code and the Windows integrity mechanism
  21. Microsoft silently fixes Windows kernel bug
  22. On SMS 2FA security
  23. Bypassing CSP using polyglot JPEGs
  24. Analysis of Proteus bot
  25. [PDF] Security analysis of implantable cardiac defibrillators
  26. OSS-Fuzz: continuous fuzzing for open source software
  27. Analysis of multiple vulnerabilities in AirDroid
  28. SmsSecurity Android malware analysis
  29. Malicious document analysis from macro to shellcode
  30. FreePBX 13: from XSS to RCE
  31. Bypassing supervisor password on ThinkPads
  32. Hacking Paypal OAuth tokens
  33. Side channel attack via sound of the fan
  34. Analysis of a Hancitor campaign
  35. [VIDEO] BSides Las Vegas
  36. Juniper answers to BlackNurse threat
  37. Rooting an appliance
  38. Tricky authentication bypass at
  39. Priviledge escalation in Android

If you found it useful, don’t miss next week’s edition – subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *