Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- China used stolen data to expose CIA operatives in Africa and Europe
- Leonardo hack targeted military plane details, arrest warrant shows
- Hacker earns $2 million in bug bounties on HackerOne
- Firefox to ship ‘network partitioning’ as a new anti-tracking defense
- Madonna reacts to Instagram’s new Terms of Use – what are the updated policies?
- BMW will publicly shame out-of-warranty drivers with smart billboards and license plate readers
- Europol and the European Commission inaugurate new decryption platform to tackle the challenge of encrypted material for law enforcement investigations
- The FBI is secretly breaking into encrypted devices. We’re suing
- Cybercriminals’ favourite VPN taken down in global action + more information
- Nintendo conducted invasive surveillance operation against Homebrew hacker
- Crypto exchange EXMO hacked, appears to have lost $10.5 million worth of funds
- Physical addresses of 270K Ledger owners leaked on hacker forum
For the more technical
- Authentication bypass vulnerability in Bouncy Castle
- Google reported that Microsoft failed to fix a Windows zero-day flaw + more information
- Cross layer attacks and how to use them (PDF)
- This is how I was able to view anyone’s private email and birthday on Instagram
- Potentially ongoing worldwide UDP:443 (EDT) DDoS amplify attack against Citrix (NetScaler) Gateway
- Citrix devices are being abused as DDoS attack vectors
- QNAP fixes high severity QTS, QES, and QuTS hero vulnerabilities
- Sniff, there leaks my BitLocker key
- Journalists hacked with suspected NSO Group iMessage ‘zero-click’ exploit
- Counting broken links: A Quant’s view of software supply chain security (PDF)
- Software supply chain compromises – a living dataset
- Sunburst: connecting the dots in the DNS requests
- Partial lists of organizations infected with Sunburst malware released online
- SUPERNOVA: A novel .NET webshell + more information
- Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack
- Qualys Security Advisory: SolarWinds / FireEye
- Lazarus covets COVID-19-related intelligence
- Pay2Kitten – Fox Kitten 2
- Everything but the kitchen sink: more attacks from the Gitpaste-12 worm
- New Dark Web pricing analysis from Flashpoint
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.