IT Security Weekend Catch Up – February 16, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

Looking for sponsors

Over 3 year of weekly delivery of fresh IT security news, thousands of links and happy readers. You can become part of IT Security Weekly Catch Up by becoming a sponsor. Interested? Get in touch at badcybercom[at]gmail.com (and please, no VPNs/crypto/poker etc.)

For the less technical

  1. OUCH! newsletter: Social media privacy (PDF)
  2. Signal is finally bringing its secure messaging to the masses
  3. How big companies spy on your emails
  4. Drones take to China’s skies to fight coronavirus outbreak
  5. Chinese military personnel charged with computer fraud, economic espionage and wire fraud for hacking into credit reporting agency Equifax (PDF)
  6. How the CIA used Crypto AG encryption devices to spy on countries for decades
  7. The war against space hackers: how the JPL works to secure its missions from nation-state adversaries
  8. Hackers deface Facebook’s official Twitter and Instagram accounts
  9. Estee Lauder exposed 440 million records online

For the more technical

  1. Microsoft Patch Tuesday for February 2020 + more information
  2. Exchange Server and SMBv1
  3. Windows 10 KB4532693 update bug hides user data, loads wrong profile
  4. Remote code execution in Microsoft SQL Server Reporting Services
  5. CVE-2020-0668 – A trivial privilege escalation bug in Windows Service Tracing
  6. Adobe releases the February 2020 security updates
  7. CSS data exfiltration in Firefox via a single injection point
  8. WordPress unzip_file path traversal
  9. Buffer overflow when pwfeedback is set in sudoers
  10. Mitigations are attack surface, too
  11. Unleashing Mayhem over Bluetooth Low Energy
  12. [VIDEO] Flare-On 2019 solutions
  13. Wacom drawing tablets track the name of every application that you open
  14. A different type of card fraud: Anatomy of a Primary Account Number (PAN) enumeration attack
  15. Phantom of theADAS: Phantom attacks on driver-assistance systems (PDF)
  16. Leaking sensitive data from air-gapped workstations via screen brightness
  17. Attackers abuse Bitbucket to deliver an arsenal of malware
  18. Malwarebytes Labs releases 2020 State of Malware Report
  19. Emotet evolves with new Wi-Fi spreader
  20. KBOT: sometimes they come back
  21. Security researchers partner with Chrome to take down browser extension fraud network affecting millions of users
  22. Android Trojan xHelper uses persistent re-infection tactics: here’s how to remove
  23. FBI warns about ongoing attacks against software supply chain companies
  24. DDoS attacks in Q4 2019
  25. Jenkins servers can be abused for DDoS attacks
  26. X-Force Threat Intelligence Index reveals Top Cybersecurity Risks of 2020
  27. Check Point Research’s Q4 2019 Brand Phishing Report

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *