IT Security Weekend Catch Up – January 11, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Types of dark pattern
  2. Police tracked a terror suspect — until his phone went dark after a Facebook warning
  3. He mocks Saudi Arabia on YouTube. Yes, he fears for his safety

For the more technical

  1. Cisco Data Center Network Manager bugapalooza with three must-fix flaws
  2. Citrix NetScaler CVE-2019-19781: What you need to know
  3. Deep dive in to Citrix ADC remote code execution, CVE-2019-19781
  4. What is Cable Haunt?
  5. First chosen-prefix collision on SHA-1 and application to the PGP Web of Trust (PDF)
  6. The bug that exposed your PayPal password
  7. Mozilla patches Firefox zero-day reported by Qihoo 360
  8. United States government-funded phones come pre-installed with unremovable malware
  9. Tik or Tok? Is TikTok secure enough?
  10. An empirical study of wireless carrier authentication for SIM swaps
  11. Smartphone shopaholic
  12. PHA Family Highlights: Bread (and friends)
  13. First active attack exploiting CVE-2019-2215 found on Google Play, linked to SideWinder APT group
  14. Android Security Bulletin—January 2020
  15. Remote iPhone exploitation part 1: Poking memory via iMessage and CVE-2019-8641
  16. Remote iPhone exploitation part 2: Bringing light into the darkness – a remote ASLR bypass
  17. Remote iPhone exploitation part 3: From memory corruption to JavaScript and back – gaining code execution
  18. Blackout Bug: Boeing 737 cockpit screens go blank if pilots land on specific runways
  19. MITRE ATT&CK for ICS Matrix
  20. New Iranian data wiper malware hits Bapco, Bahrain’s national oil company
  21. Cyber gangsters demand payment from Travelex after ‘Sodinokibi’ attack
  22. Sodinikibi ransomware hits New York airport systems
  23. SaiGon, the mysterious Ursnif fork
  24. The difficulty of disclosure, Surebet247 and the Streisand effect
  25. Cutting Google out of your life
  26. How to stay private when using Android
  27. How to encrypt your Android device
  28. Google Autofill tests biometric authentication for passwords and payments

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *