IT Security Weekend Catch Up – January 13, 2017

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. Hamas cyber-espionage unit in action
2. Europe prepares for information war
3. Guccifer 2.0 returns
4. Private citizen data gathered and sold in China
5. Don’t sell spyware under your own name
6. Swedish kings of cyberwar
7. How the KGB recruited Americans

For the more technical

1. Real World Cryptography Conference recordings
2. Alleged WhatsApp backdoor
   1. Explainer why it is not a backdoor
   2. Comment from the original bug reporter
   3. Comment from Whisper Systems
3. The ZDI 2016 retrospective
4. BIND9 vulnerabilities
5. EMET 5.52 is available
6. PGP key transparency project from Google
7. [PDF] Google infrastructure security design overview
8. A practical guide to RFID badge copying
9. Shadow Brokers saying goodbye plus latest data dump
   1. Rough data analysis
   2. More detailed analysis
   3. Analysis of the previous dump
10. Cross-browser fingerprinting
11. Cellebrite hacked, 900GB stolen
12. Hijacking broken nameservers
13. Recovering fingerprints based on finger photos
14. Exploit kit campaign analysis
15. Interesting malware affair in Italy
    1. Description of the investigation 
    2. Some technical details of the malware
    3. Detailed analysis by Kaspersky
16. Catching exploit kit landing pages
17. [PDF] APT28 report
18. Some APT28 source code
19. GoDaddy SSL certificates issue
20. Allegedly free Uber rides
21. PE backdoor manufacturing
22. Novel malware sandbox evasion
23. VENOM Linux rootkit
24. Finfisher rootkit
25. Wingbird rootkit
26. Dangerous Juniper vulnerability
27. Hacking biometric locks
28. Hardening Windows 10 with zero-day exploit mitigations
29. A short glimpse inside Cerber ransomware campaign
30. Analysis of a clickjacking campaign
31. Data breach investigation step by step
32. Plan to survive the next DNS attack
33. The 10 most interesting iPhone hacks ever
34. Vulnerability in Cemu
35. Second wave of Shamoon 2 attacks
36. Iran leaks censorship via BGP hijacks
37. Ransomware targets MongoDB
38. A very interesting attack on Cloudflare
39. Cracking longer passwords
40. VoIP honeypot
41. MongoDB honeypot
42. [PDF] Catching predators at watering holes
43. Locating licence plate readers
44. Attack with cryptocurrency miner attached
45. Introduction to IoT hardware hacking
46. New exploit kit analysis – Terror EK
47. Hunting ransomware on Pastebin
48. Fast flux explained
49. Spora ransomware analysis
50. GoldenEye ransomware using false CVs

Did you enjoy this list? You can retweet it and subscribe to one of our feeds on Twitter, Facebook or RSS.