IT Security Weekend Catch Up – July 15, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Twitter is sweeping out fake accounts like never before, putting user growth at risk
  2. Identity theft on social media
  3. Hunting the con queen of Hollywood
  4. El Chapo’s lawyers want to suppress evidence from spyware used to catch cheating spouses
  5. A curious tale of the priest, the broker, the hacked newswires, and $100m of insider trades
  6. Russian influence campaign sought to exploit Americans’ trust in local news
  7. Fugitive cop says he’s behind the DNC leaks
  8. Coinvault, the court case
  9. Chinese police break up US$1.5 billion cryptocurrency World Cup gambling ring
  10. Thieves hack into Detroit gas pump, stealing more than 600 gallons + more information
  11. George Hotz is on a hacker crusade against the ‘scam’ of self-driving cars

For the more technical

  1. After Strava, Polar is revealing the homes of soldiers and spies
  2. Facebook loophole exposed the names of people in private groups
  3. Timehop admits attacker stole 21 million users’ data
  4. Hacker steals military docs because someone didn’t change a default FTP password
  5. Major international airport’s security system found for sale on dark web RDP shop
  6. Ticketmaster breach was part of a larger credit card skimming efforttechnical description
  7. Ukraine security service stops VPNFilter attack at chlorine station
  8. Ammyy Admin compromised with malware again
  9. Hawkeye Keylogger – Reborn v8: an in-depth campaign analysis
  10. AZORult malware finds a new ride with recent stealer phishing campaign
  11. Malware found in Arch Linux AUR package repository
  12. ZOHO – a story of where not to store keys
  13. Microsoft July 2018 Patch Tuesday fixes 53 security bugs across 15 products + additional information
  14. Adobe fixes over 100 vulnerabilities in latest security patch update
  15. Android security bulletin + Pixel / Nexus security bulletin
  16. New Spectre-like attack uses speculative execution to overflow buffers (PDF)
  17. Mitigating Spectre with site isolation in Chrome
  18. Wrapping up the kernel infoleak research with a whitepaper
  19. Weaponization of a JavaScriptCore vulnerability
  20. Stupid-simple exploit found in HP iLO4 serverstechnical description (PDF)
  21. Hackers can chain multiple flaws to attack WAGO HMI devices
  22. Passwords for tens of thousands of Dahua devices cached in IoT search engine
  23. Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign
  24. ESLint has been hacked + how to build an npm worm
  25. Criminals don’t read instructions or use strong passwords
  26. Gsuite Hangouts Chat 5k IDOR
  27. Fraud: here’s how scammers get away with it
  28. Anubis strikes again: mobile malware continues to plague users in official app stores
  29. Advanced mobile malware campaign in India uses malicious MDM
  30. Chinese espionage group TEMP.Periscope targets Cambodia
  31. APT attack in the Middle East
  32. Kaspersky has published its APT report for the second quarter of 2018
  33. Cyber attack trends: 2018 mid-year report
  34. Shutting down the BGP Hijack Factoryadditional information
  35. How to drop 10 million packets per second
  36. UK cell giant EE left a critical code system exposed with a default password
  37. New extortion tricks: now including your password
  38. Here’s why your static website needs HTTPS
  39. Latest Denuvo anti-piracy protection falls, cracker ‘Voksi’ on fire
  40. This $39 device can defeat iOS USB Restricted Mode
  41. USB Restricted Mode inside out
  42. Using iOS 11.2-11.3.1 Electra jailbreak for iPhone physical acquisition
  43. Accessing lockdown files on macOS
  44. Smartphone hackers can obtain valuable data by analyzing touchscreen user interactions
  45. How to build a long-range RFID reader
  46. Air gapping for fun and non-profit – part 1 & 2
  47. How to clear an un-clearable BIOS password
  48. The 111 million record Pemiblanc credential stuffing list

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *