IT Security Weekend Catch Up – January 10, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Report speculates that Google hasn’t updated its iOS apps in weeks to avoid providing privacy details
  2. Nissan source code leaked online after Git repo misconfiguration
  3. Microsoft responded quietly after detecting secret database hack in 2013
  4. Singapore Police Force can obtain TraceTogether data for criminal investigations
  5. SolarWinds recap: All of the federal agencies caught up in the Orion breach
  6. Victory at the High Court against the government’s use of ‘general warrants’
  7. Russian hacker to plead guilty in connection with 2014 breach at JPMorgan Chase
  8. Anti-secrecy activists publish a trove of ransomware victims’ data

For the more technical

  1. Undocumented user account in Zyxel products (CVE-2020-29583) + patch
  2. A side journey to Titan (PDF)
  3. Bugs in Firefox, Chrome, Edge allow remote system hijacking
  4. Bug? No, Telegram exposing its users’ precise location is a feature working as ‘expected’ + more information
  5. 86% of websites using Google Analytics are not anonymizing their users’ full IP addresses
  6. XSS on forums.oculusvr.com leads to Oculus and Facebook account takeovers
  7. Leonardo S.p.A. data breach analysis
  8. Source code revealed for malware that locks IoT male chastity devices
  9. The Mac malware of 2020. A comprehensive analysis of the year’s new malware
  10. Cryptocurrency stealer for Windows, macOS, and Linux went undetected for a year
  11. Operation ‘Kremlin’
  12. [VIDEO] Computer Security Literacy by Iowa State University
  13. A short guide to using a Yubikey for SSH authentication

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *