IT Security Weekend Catch Up – January 13, 2017

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Hamas cyber-espionage unit in action
  2. Europe prepares for information war
  3. Guccifer 2.0 returns
  4. Private citizen data gathered and sold in China
  5. Don’t sell spyware under your own name
  6. Swedish kings of cyberwar
  7. How the KGB recruited Americans

For the more technical

  1. Real World Cryptography Conference recordings
  2. Alleged WhatsApp backdoor
    1. Explainer why it is not a backdoor
    2. Comment from the original bug reporter
    3. Comment from Whisper Systems
  3. The ZDI 2016 retrospective
  4. BIND9 vulnerabilities
  5. EMET 5.52 is available
  6. PGP key transparency project from Google
  7. [PDF] Google infrastructure security design overview
  8. A practical guide to RFID badge copying
  9. Shadow Brokers saying goodbye plus latest data dump
    1. Rough data analysis
    2. More detailed analysis
    3. Analysis of the previous dump
  10. Cross-browser fingerprinting
  11. Cellebrite hacked, 900GB stolen
  12. Hijacking broken nameservers
  13. Recovering fingerprints based on finger photos
  14. Exploit kit campaign analysis
  15. Interesting malware affair in Italy
    1. Description of the investigation 
    2. Some technical details of the malware
    3. Detailed analysis by Kaspersky
  16. Catching exploit kit landing pages
  17. [PDF] APT28 report
  18. Some APT28 source code
  19. GoDaddy SSL certificates issue
  20. Allegedly free Uber rides
  21. PE backdoor manufacturing
  22. Novel malware sandbox evasion
  23. VENOM Linux rootkit
  24. Finfisher rootkit
  25. Wingbird rootkit
  26. Dangerous Juniper vulnerability
  27. Hacking biometric locks
  28. Hardening Windows 10 with zero-day exploit mitigations
  29. A short glimpse inside Cerber ransomware campaign
  30. Analysis of a clickjacking campaign
  31. Data breach investigation step by step
  32. Plan to survive the next DNS attack
  33. The 10 most interesting iPhone hacks ever
  34. Vulnerability in Cemu
  35. Second wave of Shamoon 2 attacks
  36. Iran leaks censorship via BGP hijacks
  37. Ransomware targets MongoDB
  38. A very interesting attack on Cloudflare
  39. Cracking longer passwords
  40. VoIP honeypot
  41. MongoDB honeypot
  42. [PDF] Catching predators at watering holes
  43. Locating licence plate readers
  44. Attack with cryptocurrency miner attached
  45. Introduction to IoT hardware hacking
  46. New exploit kit analysis – Terror EK
  47. Hunting ransomware on Pastebin
  48. Fast flux explained
  49. Spora ransomware analysis
  50. GoldenEye ransomware using false CVs

Did you enjoy this list? You can retweet it and subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *