IT Security Weekend Catch Up – December 21, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Edward Snowden’s book profits must go to the government, judge rules
  2. Are you one of Avast’s 400 million users? This is why it collects and sells your web habits
  3. More than 38,000 people will stand in line this week to get a new password
  4. ‘Inconsistent and misleading’ – research suggests password meters could increase risk of cyber attacks
  5. Apple opens public bug bounty program, publishes official rules
  6. Thief stole payroll data of 29,000 Facebook employees
  7. Report: 267 million Facebook users IDs and phone numbers exposed online
  8. What do “password” and President Trump have in common? Both lost ranking on SplashData’s Annual Worst Passwords List
  9. Removing coordinated inauthentic behavior from Georgia, Vietnam and the US
  10. British hacker accused of blackmailing healthcare firms extradited to U.S.
  11. The dark world of online murder markets
  12. Meet the mad scientist who wrote the book on how to hunt hackers

For the more technical

  1. Vulnerability related to processing of archive files patched in Drupal
  2. Privilege escalation flaws found in preinstalled Acer, ASUS software
  3. Multiple vulnerabilities in SPPA-T3000 components
  4. TP-Link Archer router vulnerability voids admin password, can allow remote takeover
  5. Multiple vulnerabilities in WAGO PFC200
  6. BreakingApp – WhatsApp crash & data loss bug
  7. Microsoft SharePoint Server information disclosure vulnerability
  8. Multiple vulnerabilities in Barco ClickShare
  9. Abusing feature to steal your tokens
  10. Hacking GitHub with Unicode’s dotless ‘i’
  11. Your workmates might still be reading that ‘unshared’ Slack document
  12. It’s time to disconnect RDP from the internet
  13. Seasons greetings: Now install my malware…
  14. Untangling Legion Loader’s hornet nest of malware
  15. Buer Loader, new Russian loader on the market with interesting persistence
  16. Lazarus hackers target Linux, Windows with new Dacls malware
  17. Dacls, the Dual platform RAT
  18. Say hello to Bottle Exploit Kit targeting Japan
  19. New Echobot variant exploits 77 remote code execution flaws
  20. The year of the phish
  21. APT campaign targets Korean industrial companies
  22. Shining a light on one of China’s hidden hacking groups (PDF)
  23. One in every 172 active RSA certificates are vulnerable to attack
  24. BFU extraction: Forensic analysis of locked and disabled iPhones
  25. Apple platform security guide (PDF)

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
