IT Security Weekend Catch Up – February 21, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. More bosses are using software to monitor remote workers
  2. Quad9 public domain name service moves to Switzerland for maximum internet privacy protection
  3. Is social media hijacking our minds?
  4. Why hot new social app Clubhouse spells nothing but trouble
  5. Attack on RIPE NCC access: Please enable two-factor authentication
  6. Kia Motors America experiences massive IT outage across the US
  7. Egregor ransomware affiliates arrested by Ukrainian, French police
  8. Three North Korean military hackers indicted in wide-ranging scheme to commit cyberattacks and financial crimes across the globe
  9. 270 service deposit addresses drive 55% of money laundering in cryptocurrency

For the more technical

  1. Best WhatsApp alternatives that respect your privacy
  2. Brave privacy bug exposes Tor onion URLs to your DNS provider
  3. Telegram flaw could have allowed access to users secret chats
  4. The “P” in Telegram stands for Privacy
  5. Clubhouse in China: Is the data safe?
  6. SHAREit flaw could lead to remote code execution
  7. Microsoft force installs Windows 10 update to remove Flash Player
  8. Stored XSS in icloud.com — $5000
  9. Don’t call us we’ll call you: McAfee ATR finds vulnerability in Agora Video SDK
  10. Conti ransomware: Evasive by nature
  11. Arm’d & dangerous – malicious code, now native on apple silicon
  12. AppleJeus: Analysis of North Korea’s cryptocurrency malware
  13. Massive campaign targeting UK banks bypassing 2FA
  14. Data theft using Google Apps Script
  15. The EMV Standard: Break, fix, verify
  16. Bluetooth overlay skimmer that blocks chip
  17. Spam and phishing in 2020
  18. New phishing attack identified: Malformed URL prefixes
  19. Malvertiser “ScamClub” bypasses iframe sandboxing with postMessage() shenanigans [CVE-2021–1801]
  20. Masslogger campaigns exfiltrates user credentials
  21. WatchDog – exposing a cryptojacking campaign that’s operated for two years
  22. ApoMacroSploit – apocalyptical FUD race
  23. Microsoft internal Solorigate investigation – final update
  24. Sandworm intrusion set campaign targeting Centreon systems (PDF)
  25. Centreon provides clarification following the publication of the ANSSI Report
  26. DDoS attacks in Q4 2020

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *