IT Security Weekend Catch Up – July 27, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. The history of antivirus software company Malwarebytes
  2. Facebook’s ex-security chief details his ‘observatory’ for Internet abuse
  3. Senate intel committee unveils election security report in wake of Mueller hearings
  4. Amazon’s Rekognition failed in Orlando
  5. Facebook design flaw let thousands of kids join chats with unauthorized users
  6. Louisiana declares state of emergency in response to ransomware attack
  7. Neo-Nazi SWATters target dozens of journalists
  8. Man accused of hacking Bulgaria’s tax agency is released and given lesser charges
  9. Irish man who helped operate the “Silk Road” website sentenced to over six years in prison
  10. Siemens contractor pleads guilty to planting logic bomb in company spreadsheets
  11. The world’s best bounty hunter is 4’11”. Here’s how she hunts
  12. Banksy’s art authentication system displays top-notch cryptographic nous

For the more technical

  1. ProFTPD vulnerability lets users copy files without permission
  2. With FaceApp in the spotlight, new scams emerge
  3. Analysis of CVE-2019–11229 — from Git config to RCE
  4. Just opening a document in LibreOffice can hack your computer
  5. COModo: From Sandbox to SYSTEM (CVE-2019–3969)
  6. FortiOS: Improper check for certificate revocation vulnerability
  7. HackerOne breaks down the top 10 cybersecurity vulnerabilities
  8. How to steal a million (of your data)
  9. Citrix concludes investigation of unauthorized internal network access
  10. How account takeover botnets outsmart traditional security controls
  11. Multistage attack delivers BillGates/Setag backdoor, can turn Elasticsearch aatabases into DDoS botnet ‘zombies’
  12. Imperva blocks our largest DDoS L7/brute force attack ever (peaking at 292,000 RPS)
  13. Airbus A350 software bug forces airlines to turn planes off and on every 149 hours
  14. A deep dive into Phobos ransomware
  15. A deep dive into IcedID malware – part I, II & III
  16. A deep dive into Guildma malware
  17. GandCrab Doppelgänged his shell?
  18. Bestsellers in the underground economy: Measuring malware popularity by forum
  19. Phishing attackers are abusing WeTransfer to evade email gateways
  20. Hackers exploit Jira, Exim Linux servers to “keep the Internet safe”
  21. Cybercrime gang adds new tactics to credit card data-stealing campaign
  22. Resurgent Iron Liberty targeting energy sector
  23. Advanced mobile surveillanceware, made in Russia, found in the wild (PDF)
  24. LKRG 0.7 available for download
  25. Recent container escape and LKRG
  26. Rapid7 Report: Under the Hoodie 2019
  27. iOS 13 (Beta) forensics
  28. Breaking and securing Apple iCloud accounts
  29. Accessing iCloud with and without a password in 2019
  30. Finding evil in Windows 10 compressed memory: Volatility and Rekall tools
  31. Election security through an adversary’s eyes

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *