IT Security Weekend Catch Up – February 16, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Which countries have the worst (and best) cybersecurity?
  2. Meet the amateur astronomers hunting for spy satellites
  3. Undercover spy exposed in NYC was 1 of many
  4. Hal Martin’s OPSEC audited using public DBs
  5. Inside the secret Facebook war for Mormon hearts and minds
  6. Netflix has saved every choice you’ve ever made in ‘Black Mirror: Bandersnatch’
  7. 617 million accounts stolen from 16 hacked websites now for sale on dark web + more information
  8. Russia to disconnect from the internet as part of a planned test
  9. Bank of Valletta resumes operations after major cyber attack
  10. MalwareTech loses bid to suppress damning statements made after days of partying
  11. Bomb threat hoaxer exposed by hacked gaming site
  12. Google Vulnerability Reward Program: Year in review
  13. A story about a feature in Windows called ASLR

For the more technical

  1. RunC vulnerability gives attackers root access on Docker, Kubernetes hosts
  2. Escape from Docker and Kubernetes containers to root on host
  3. Microsoft February 2019 Patch Tuesday
  4. Windows DHCP server remote code execution vulnerability
  5. If you use Skype, your contacts may now be exposed
  6. Spying on Safari in Mojave
  7. WordPress plugin ‘Simple Social Buttons’ critical security bug
  8. Global security update availability for smartphones
  9. Adobe Acrobat Reader DC text field remote code execution vulnerability
  10. Privilege escalation in Ubuntu Linux (dirty_sock exploit)
  11. Snapd flaw lets attackers gain root access on Linux systems
  12. Understanding Ubiquiti discovery service exposures
  13. Many ICS vulnerability advisories contain errors (PDF)
  14. Major security breach found in hospital and supermarket refrigeration systems
  15. Achieving remote code execution on a Chinese IP camera
  16. Word-based malware attack
  17. Practical enclave malware with Intel SGX (PDF)
  18. New Astaroth trojan variant exploits anti-malware software to steal info
  19. Windows app runs on Mac, downloads info stealer and adware
  20. How Google fought bad apps and malicious developers in 2018
  21. QNAP NAS user? You’d better check your hosts file for mystery anti-antivirus entries
  22. TrickBot adds remote application credential-grabbing capabilities to its repertoire
  23. Scarlet Widow: Nigeria-based romance scam operation (PDF)
  24. Weird phishing campaign uses links with almost 1,000 characters
  25. BEC actors exploiting Gmail “dot accounts” for fun and profit
  26. DNS manipulation in Venezuela in regards to the humanitarian aid campaign
  27. Attack at email provider wipes out almost two decades’ worth of data
  28. Pwning WPA/WPA2 networks with Bettercap and the PMKID client-less attack
  29. New zombie ‘POODLE’ attack bred from TLS flaw
  30. New offensive USB cable allows remote attacks over WiFi
  31. Data Breach QuickView Report (PDF)
  32. E-voting public intrusion test
  33. Ad IDs behaving badly
  34. Videos from the BlueHat IL 2019 conference
  35. Why is my perfectly good shellcode not working? Cache coherency on MIPS and ARM
  36. Xiaomi scooter hack enables dangerous accelerations and stops for unsuspecting riders
  37. Free cyber security training

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *