Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- How Israel, in dark of night, torched its way to Iran’s nuclear secrets
- How Russian spies hid behind bitcoin in hacking campaign
- Mueller finally solves mysteries about Russia’s ‘Fancy Bear’ hackers
- Chinese hackers targeted Internet-of-Things during Trump-Putin summit
- Microsoft reveals first known midterm campaign hacking attempts
- Business E-mail Compromise the 12 billion dollar scam
- The SIM hijackers
- Leaked documents show Facebook’s ‘threshold’ for deleting pages and groups
- A statistical analysis of WikiLeaks publications
- ‘LuminosityLink RAT’ author pleads guilty
- Two years on, alleged KAT founder continues to fight extradition
- BTC-e operator, accused of laundering $4 billion, to be extradited to France
- Irish ‘dark web’ suspect is extradited to the US to face charges
- A ‘Game of Thrones’ thief and a dam hacker: These are the FBI’s 41 most-wanted cyber criminals
- How a sneaky furniture expert ripped off the rich and tricked Versailles
For the more technical
- Telefonica breach exposes personal data of ‘millions’ of customers
- Hackers breach Russian bank and steal $1 million due to outdated router
- How credit card thieves use free-to-play apps to launder their ill-gotten gains
- A deep dive down the Vermin RAThole
- New Andariel reconnaissance tactics hint at next targets
- Blackgear cyberespionage campaign resurfaces, abuses social media for C&C communication
- Anatomy of a spammy campaign
- New Mirai and Gafgyt IoT/Linux botnet campaigns
- GandCrab ransomware version 4.0/4.1
- Reverse engineering some JavaScript malware
- Analysis of Emotet malware
- Malware team up: malspam pushing Emotet + Trickbot
- July 2018 Critical Patch Update released
- Weblogic exploit code made public
- SSRF inside Google production network
- Analysis of the DHCP client script code execution vulnerability
- Researchers mount successful GPS spoofing attack against road navigation systems (PDF)
- Foxit PDF Reader JavaScript remote code execution vulns
- Intel patches new ME vulnerabilities
- Unpatched remote code execution in Reprise License Manager
- Microsoft launches Identity Bounty program
- Low-overhead defense against Spectre attacks via binary analysis (PDF)
- LKRG 0.3 available for download
- Almost booting an iOS kernel in QEMU
- [VIDEO] CONFidence 2018: Hunting for the secrets in a cloud forest
- Hunting for secrets with the DumpsterDiver
- Exploit and post-exploit protection test (PDF)
- Exploiting a Windows 10 PagedPool off-by-one overflow (WCTF 2018)
- Write-up by LOL developer on some low-level techniques to battle cheat development
- Droppers is how Android malware keeps sneaking into the Play store
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
1 thought on “IT Security Weekend Catch Up – July 22, 2018”