IT Security Weekend Catch Up – February 22, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

Looking for sponsors

Over 3 year of weekly delivery of fresh IT security news, thousands of links and happy readers. You can become part of IT Security Weekly Catch Up by becoming a sponsor. Interested? Get in touch at badcybercom[at]gmail.com (and please, no VPNs/crypto/poker etc.)

For the less technical

  1. The US blames Russia’s GRU for sweeping cyberattacks in Georgia
  2. Details of 10.6 million MGM hotel guests posted on a hacking forum
  3. Slickwraps data breach exposes financial and customer info
  4. IOTA cryptocurrency shuts down entire network after wallet hack
  5. How Saudi Arabia infiltrated Twitter
  6. Pay up, or we’ll make Google ban your ads

For the more technical

  1. CVE-2020-0618: RCE in SQL Server Reporting Services (SSRS)
  2. Proof of concept for Microsoft SQL Server Reporting Services vulnerability available + PoC
  3. The mess behind Microsoft’s yanked UEFI patch KB 4524244
  4. Windows 10 KB4532693 update bug reportedly deletes user files
  5. Microsoft has a subdomain hijacking problem
  6. Hackers were inside Citrix for five months
  7. Cacti v1.2.8 authenticated Remote Code Execution (CVE-2020-8813)
  8. IMP4GT: Impersonation attacks in 4G networks
  9. 2019 Year End Report – Vulnerability QuickView (PDF)
  10. Security analysis of the Solo firmware
  11. The hidden dangers inside Windows & Linux computers
  12. AZORult spreads as a fake ProtonVPN installer
  13. Ransomware impacting pipeline operations
  14. Croatia’s largest petrol station chain impacted by cyber-attack
  15. Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
  16. Chinese hackers have breached online betting and gambling sites
  17. Active C2 discovery using protocol emulation (Winnti 4.0)
  18. Weaponized WordPress themes & plugins
  19. Critical issue in ThemeGrill Demo Importer leads to database wipe and auth bypass
  20. Disruptive ads enforcement and our new approac
  21. Pokémon GO OSINT techniques
  22. Pen testing ships. A year in review
  23. What happened to DNStats.net?
  24. iPhone acquisition without a jailbreak (iOS 11 and 12)
  25. Model hacking ADAS to pave safer roads for autonomous vehicles

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *