Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Twitter is sweeping out fake accounts like never before, putting user growth at risk
- Identity theft on social media
- Hunting the con queen of Hollywood
- El Chapo’s lawyers want to suppress evidence from spyware used to catch cheating spouses
- A curious tale of the priest, the broker, the hacked newswires, and $100m of insider trades
- Russian influence campaign sought to exploit Americans’ trust in local news
- Fugitive cop says he’s behind the DNC leaks
- Coinvault, the court case
- Chinese police break up US$1.5 billion cryptocurrency World Cup gambling ring
- Thieves hack into Detroit gas pump, stealing more than 600 gallons + more information
- George Hotz is on a hacker crusade against the ‘scam’ of self-driving cars
For the more technical
- After Strava, Polar is revealing the homes of soldiers and spies
- Facebook loophole exposed the names of people in private groups
- Timehop admits attacker stole 21 million users’ data
- Hacker steals military docs because someone didn’t change a default FTP password
- Major international airport’s security system found for sale on dark web RDP shop
- Ticketmaster breach was part of a larger credit card skimming effort + technical description
- Ukraine security service stops VPNFilter attack at chlorine station
- Ammyy Admin compromised with malware again
- Hawkeye Keylogger – Reborn v8: an in-depth campaign analysis
- AZORult malware finds a new ride with recent stealer phishing campaign
- Malware found in Arch Linux AUR package repository
- ZOHO – a story of where not to store keys
- Microsoft July 2018 Patch Tuesday fixes 53 security bugs across 15 products + additional information
- Adobe fixes over 100 vulnerabilities in latest security patch update
- Android security bulletin + Pixel / Nexus security bulletin
- New Spectre-like attack uses speculative execution to overflow buffers (PDF)
- Mitigating Spectre with site isolation in Chrome
- Wrapping up the kernel infoleak research with a whitepaper
- Weaponization of a JavaScriptCore vulnerability
- Stupid-simple exploit found in HP iLO4 servers + technical description (PDF)
- Hackers can chain multiple flaws to attack WAGO HMI devices
- Passwords for tens of thousands of Dahua devices cached in IoT search engine
- Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign
- ESLint has been hacked + how to build an npm worm
- Criminals don’t read instructions or use strong passwords
- Gsuite Hangouts Chat 5k IDOR
- Fraud: here’s how scammers get away with it
- Anubis strikes again: mobile malware continues to plague users in official app stores
- Advanced mobile malware campaign in India uses malicious MDM
- Chinese espionage group TEMP.Periscope targets Cambodia
- APT attack in the Middle East
- Kaspersky has published its APT report for the second quarter of 2018
- Cyber attack trends: 2018 mid-year report
- Shutting down the BGP Hijack Factory + additional information
- How to drop 10 million packets per second
- UK cell giant EE left a critical code system exposed with a default password
- New extortion tricks: now including your password
- Here’s why your static website needs HTTPS
- Latest Denuvo anti-piracy protection falls, cracker ‘Voksi’ on fire
- This $39 device can defeat iOS USB Restricted Mode
- USB Restricted Mode inside out
- Using iOS 11.2-11.3.1 Electra jailbreak for iPhone physical acquisition
- Accessing lockdown files on macOS
- Smartphone hackers can obtain valuable data by analyzing touchscreen user interactions
- How to build a long-range RFID reader
- Air gapping for fun and non-profit – part 1 & 2
- How to clear an un-clearable BIOS password
- The 111 million record Pemiblanc credential stuffing list
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
1 thought on “IT Security Weekend Catch Up – July 15, 2018”