IT Security Weekend Catch Up – February 25, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

We were gone for a few weeks, but since many of you have asked for a comeback, here it is. We’ll try to keep it alive!

For the less technical

  1. How UK spies hacked Belgacom
  2. Lawsuits threaten infosec research
  3. The Islamic State activity in Belgium (PDF)
  4. PNB officials illegally accessed Level-5 SWIFT password
  5. A hacker has wiped a spyware company’s servers
  6. The data breaches of two spyware companies
  7. How North Korea evades international sanctions
  8. Paedophile jailed for 32 years after blackmailing victims over dark web
  9. The longest data breach saga of all time
  10. Judge blocked efforts by Silk Road creator
  11. Flight Sim Labs put malware in a game + second part of the story
  12. Signal Foundation launched – WhatsApp co-founder puts $50 million
  13. Satellite centre for NATO to be built in Czech Republic

For the more technical

  1. Using the Chrome Task Manager to find in-browser miners
  2. Devirtualizing FinSpy, phase #1, #2, #3, #4
  3. Trend Micro Email Encryption Gateway multiple vulnerabilities
  4. Half a billion leaked passwords for download
  5. The great outage
  6. Ransomware file encryption
  7. MeltdownPrime and SpectrePrime attacks (PDF)
  8. Satori strikes again
  9. uTorrent has serious security flaws + technical description + PoC 1, 2, 3
  10. Analysis of Brazilian banker malware
  11. Validating leaked passwords with k-Anonymity
  12. Remote code execution in IDA
  13. Cryptojacking scripts can work in Word documents
  14. Jailbreaking iOS 11 and iOS 10
  15. Get iOS shared files without a jailbreak
  16. Analysis of 2017 Sofacy activity
  17. Nearly 8,000 security flaws did not receive a CVE ID in 2017
  18. Bypassing Anti-Malware Scan Interface (AMSI) in Windows 10
  19. Browser Security Whitepaper (PDF)
  20. New jRAT/Adwind variant being spread with scam
  21. Password management and mobile security
  22. Hackers made $3 million by installing miners on Jenkins servers
  23. OilRig uses ThreeDollars to deliver new trojan
  24. Avzhan DDoS bot dropped by Chinese drive-by attack
  25. Hackers can hijack baby monitor video feeds
  26. Malicious RTF document leading to NetwiredRC and Quasar RAT
  27. The rise of crypto-minig attacks
  28. From Android Defender to DoubleLocker (PDF)
  29. macOS may lose data on APFS-formatted disk images
  30. Cryptojacking Attack at Tesla + additional information
  31. North Korean threat group known as APT37/Reaper (PDF)
  32. Analysis of macOS trojan Coldroot RAT
  33. Google Project Zero exposes security flaw in Windows 10
  34. Chaos backdoor lets attackers gain control of Linux servers
  35. Increased usage of counterfeit code signing certificates
  36. Vulnerability in WAGO PFC200 controllers
  37. How Cloudflare protects users’ credentials
  38. Log injection attack
  39. Hacking SinVR
  40. New version of hashcat
  41. Snapchat hit by phishing attack
  42. Vulnerabilities in GE D60 Line Distance Relay devices
  43. T-Mobile bug allowed hackers to hijack users’ accounts
  44. The guide to password security
  45. Tempting Cedar Spyware campaign on Facebook
  46. Miners attacked 3.3% of ICS computers
  47. Hacking Tinder accounts using Facebook Account Kit
  48. Mirai-based bot turns IoT devices into proxy servers
  49. XXE 0-day vulnerability in HP PPM
  50. The rise of ICS malware
  51. How to mitigate rapid cyberattacks such as Petya and WannaCrypt
  52. Money laundering via author impersonation on Amazon
  53. Italian DHL-themed phishing leads to Ursnif
  54. New bypass and protection techniques for ASLR on Linux
  55. Campaign targeting Fortune 500 companies
  56. Millions Stolen From Russian, Indian Banks in SWIFT Attacks

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *