IT Security Weekend Catch Up – July 1, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. “10% error rate is okay“ – Leaked EU Commission document regarding Chat Control, the law that requires the mass surveillance of messages and photos
  2. Italy Data Protection Authority warns websites against use of Google Analytics
  3. New Firefox privacy feature strips URLs of tracking parameters
  4. LockBit 3.0 introduces the first ransomware bug bounty program
  5. Automotive fabric supplier TB Kawashima announces cyberattack
  6. AMD investigates RansomHouse hack claims, theft of 450GB data
  7. Cyberattack forces Iran steel company to halt production
  8. Russian hacking group takes credit for wide-ranging cyberattack on Lithuania
  9. How mercenary hackers sway litigation battles
  10. Countering hack-for-hire groups

For the more technical

  1. 2022 CWE top 25 most dangerous software weaknesses
  2. The open cloud vulnerability & security issue database
  3. Dozens of cryptography libraries vulnerable to private key theft
  4. Notes on OpenSSL remote memory corruption
  5. Attacking with WebView2 applications
  6. Cybercriminals use Azure Front Door in phishing attacks
  7. Log4Shell vulnerability in VMware leads to data exfiltration and ransomware
  8. Python packages upload your AWS keys, env vars, secrets to the web
  9. Messenger chatbots now used to steal Facebook accounts
  10. Organizations at risk of data breaches via misconfigured Kubernetes
  11. Automated secure configuration guidance from the macOS Security Compliance Project (PDF)
  12. Tesla Android Project
  13. Attacks on industrial control systems using ShadowPad
  14. The SessionManager IIS backdoor
  15. YTStealer malware: “YouTube cookies! Om nom nom nom”
  16. Raccoon Stealer v2 – The return of the dead
  17. ZuoRAT hijacks SOHO routers to silently stalk networks
  18. Spyware vendor targets users in Italy and Kazakhstan
  19. Flubot: the evolution of a notorious Android banking malware
  20. Revive: from spyware to Android banking trojan
  21. Toll fraud malware: How an Android application can drain your wallet
  22. Conti vs. LockBit: A comparative analysis of ransomware groups
  23. Black Basta ransomware
  24. Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
  25. De-anonymizing ransomware domains on the dark web
  26. Return of the Evilnum APT with updated TTPs and new targets

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *