IT Security Weekend Catch Up – February 17, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

We were gone for a few weeks, but since many of you have asked for a comeback, here it is. We’ll try to keep it alive!

For the less technical

  1. Highlights of the French cybersecurity strategy
  2. Vladimir Drinkman sentenced for a huge data breach
  3. Russian bots flood Twitter after Parkland shooting
  4. Report on whistleblowers retaliation
  5. Chinese turbine company found guilty of stealing trade secrets
  6. Money stolen from Russian banks using Cobalt Strike and SWIFT system
  7. Debunking the FUD of the dark web
  8. SIM hijacking examples
  9. Equifax breach bigger than initially thought
  10. Security at scale – the Dropbox approach
  11. [VIDEO] Numbers station – the spy radio that anyone can hear
  12. UK and US condemn Russia for Notpetya attacks
  13. Ukraine power distributor plans cyber defense system for 20 million USD
  14. New EU privacy law may weaken security
  15. Zerodium offers 45000 USD for Linux 0-days
  16. German court rules Facebook use of personal data illegal
  17. North Korea looking for ways to get hands on cryptocurrencies

For the more technical

  1. Malware used to attack Olympic Games – analysis
  2. Another analysis of the Olympic Games malware
  3. Satori botnet using forever-day vulnerabilities
  4. Abusing sandbox domain to steal Chrome zerodays
  5. Three attacks on Web-of-Trust (WOT)
  6. Using special characters to break iOS and macOS
  7. Flash 0-day used to attack South Korea
  8. Google patches multiple Android bugs, and Pixel/Nexus phones
  9. DoubleDoor – new IoT botnet exploiting two vulnerabilities
  10. Multi stage Word attacks without using macros
  11. Coinhoarder – phishing for cryptocurrencies on a scale
  12. How AI stopped an Emotet outbreak
  13. Lazarus targeting bitcoin users and banks
  14. Pentests using Cobalt Stroke -free video course
  15. Cryptographic attacks on QQ browser (PDF)
  16. Protecting websites from cryptojacking
  17. Thousands of domain taken over by a vietnameese hacker
  18. Google Service Management vulnerability
  19. Online stalking Citymapper users
  20. Free G DATA scanner detecting Meltdown/Spectre vulnerabilities
  21. Reconstructing Notpetya for research purposes
  22. Skype vulnerability that will be hard to fix
  23. Trojan dropper using SLK files
  24. Kaspersky’s 2017 spam and phishing report
  25. SAP patches several vulnerabilites
  26. LibreOffice remote arbitrary file disclosure PoC
  27. Running code on KDE via USB drive name
  28. Multiple vulnerabilities in Kofax document management system
  29. Dridex campaing analysis
  30. Leaked password reuse analysis (PDF)
  31. Dell EMC remotely exploitable vulnerabilities
  32. NetBSD RCE
  33. Recon Brussels 2018 slides
  34. AndroRAT abusing old Android vulnerability
  35. Bitmessage Python client 0-day abused to steal cryptocurrencies
  36. Confucius APT social engineering techniques
  37. RCE in Tenda AC15 router
  38. TrickBot steals cryptocurrencies
  39. Edge on Windows 10 security bypass + technical description
  40. Drive-by cryptominig campaign on Android
  41. Oracle WebLogic flaw used to mine cryptocurrencies
  42. Universal Windows Platform (UWP) protection broken
  43. ShmooCon 2018 videos

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *