Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Forged document identified because of font used
- Mining bitcoins on a bank server
- How USA got their hands on ISIS key database
- Shaltai Boltai head sentenced for two years in prison
- How the .SK domain was stolen
- Canadian company pays $425k to recover from ransomware attack
- Kaspersky’s trouble in USA
- Symantec considers selling certificate business
For the more technical
- NotPetya
- MEDoc authors new about prior attacks
- Details of the MEDoc incident
- Analysis of the MEDoc backdoor
- Analysis of NotPetya spreading code
- [PDF] BitDefender analysis
- NotPetya based on stolen code
- Similarities between NotPetya and BlackEnergy
- BlackEnergy presentation from VB2016
- Another ransomware deployed on the same day
- Excellent reporting on the attack in Ukraine
- A chance for partial data recovery
- Petya ransomware history
- NotPetya’s behaviour if Kaspersky is detected
- Step by step malware analysis
- Brian Krebs and another cybercriminal
- Attacks on independent Chinese language news portals
- NTLM vulnerabilities
- MongoDB security risks
- Reverse engineering a CS:GO cheat engine
- Obfuscation used in targeted attacks
- BIND9 vulnerability
- [PDF] Key leak in Libgcrypt
- systemd vulnerability
- .feedback domain extortions
- Reasons why some organisations can’t just patch
- Sniffing TLS traffic target via SNI
- How to get added the the GitLab repo
- Lenovo Vibe phone vulnerabilities
- SSL certificates revocation issues
- Keyloggers in Windows
- Phone switch hackers caught
- [PDF] Avoiding AV products during phishing testing
- Vulnerabilities in a vibrator app
- Attacks against nuclear plants support
- Fixing a 1988 game
- What can be extracted from a mobile cloud backup
- Defending your website with ZIP bombs
- Netgear vulnerability used to build a botnet
- Analysis of a custom malware packer
- Old Petya key released
- Vulnerabilities are not reported to Apple
- Vulnerability in audit software
- Attack via SIM card takeover
- Apache Struts vulnerability
- Satphones real time decryption attacks
- Amazon S3 buckets search tool
- Analysis of obfuscated RTF files
- How CNN identified an internet troll
- SQLi w WP Statistics
- Azure network security whitepaper
- Intel Boot Guard description
- Attacking EMET
- Sabre data leak
- Intel Skylake bug
- Drupal spam attacks
- New KONNI campaign
- Bitscout – remote forensics tool
- Exploiting a heap overflow in VMWare
- Broadpwn
- Blind XXE analysis
- [PDF] GPU attacks
- ETERNAL SYNERGY exploit analysis
- Serious vulnerability in multiple Kerberos implementations
- AWS S3 access management mistakes
- Attacks on new WordPress installs
- Hardware reverse engineering
- Private keys found on webservers
- ShadowBrokers transactions analysis
- Swiss domains hijacking
- Winnti operations analysis
- Oracle 10g session hijacking
- Framework to identify vulnerabilities in home routers
- Uber SSO bypass
- Two factor authentication problems
- Taking over all .IO domains
- Tor hosting hacked
- Rootnik analysis part 1, 2 and 3
- Interesting analysis of Guccifer 2.0 leak
- New AdWind campaign
- Struts 2 vulnerability analysis
- Chrome plugins bought to turn into adware
- Interesting micropatching example
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
One thought on “IT Security Weekend Catch Up – July 15, 2017”