IT Security Weekend Catch Up – January 27, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Joint statement by European Commission ahead of Data Protection Day
  2. How the U.S. federal government shutdown harms security
  3. Three charged for working with serial swatter
  4. The strange, terrifying tale of the mistress who flipped on El Chapo
  5. Russian hacker Alexander Zhukov extradited by Bulgaria to US
  6. How sloppy OPSEC gave researchers an inside look at the exploit industry
  7. The messy truth about infiltrating computer supply chains
  8. ‘Operation Pirate’ targets ‘iNCOMiNG’ release group
  9. Why CISA issued our first Emergency Directive
  10. Can you spot when you’re being phished?
  11. For $29, this company swears it will ‘brainwash’ someone on Facebook
  12. Hackers baselessly blame women and ‘SJWs’ for the end of DerbyCon security conference
  13. Microsoft fights fake news with NewsGuard integration in its mobile Edge browser
  14. Russia targeting British institute in disinformation campaign
  15. This time it’s Russia’s emails getting leaked
  16. The world’s largest youth-run organization had a data breach
  17. Undercover agents target cybersecurity watchdog
  18. Are Android updates getting faster? Let’s look at the data
  19. The mystery tracks being ‘forced’ on Spotify users

For the more technical

  1. ‘Chaos’ iPhone X attack alleges remote jailbreak
  2. Finding and exploiting vulnerabilities in mobile Point of Sale terminals
  3. Remote Code Execution in apt/apt-get
  4. Fuzzing HTTP server (PDF.js)
  5. Chained bugs to leak victim’s Uber’s FB Oauth token
  6. Security research: ThingsPro Suite – IIoT gateway and device manager by Moxa
  7. Finding and exploiting the Check Point ZoneAlarm Anti-Virus for local privilege escalation
  8. Mystery still surrounds hack of PHP PEAR website
  9. Detecting persistent cloud infrastructure/Hadoop/YARN attacks
  10. Bypassing network restrictions through RDP tunneling
  11. How I abused 2FA to maintain persistence after a password change
  12. Should I pentest my cloud infrastructure?
  13. Evilginx 2.3 – phisherman’s dream
  14. Bomb threat, sextortion spammers abused weakness at GoDaddy.com
  15. ThinkPHP vulnerability abused by botnets Hakai and Yowai
  16. Razy in search of cryptocurrency
  17. Cisco AMP tracks new campaign that delivers Ursnif
  18. Carbon Black TAU & ThreatSight analysis: GandCrab and Ursnif campaign
  19. Russian language malspam pushing Redaman banking malware
  20. Going in-depth with Emotet: Multilayer operating mechanisms
  21. Emotet: G DATA explains cybercrime’s all-purpose weapon
  22. New evidence might link Lazarus tool found in Chile RedBanc intrusion to attacks in Pakistan
  23. GreyEnergy’s overlap with Zebrocy
  24. Guide to WebAuthn
  25. 101 bash commands and tips for beginners to experts
  26. Apple iTunes: Standalone vs. Microsoft Store Edition
  27. How to hack an expensive camera and not get killed by your wife

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *