Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Security keys neutralized employee phishing
- ‘Scraper’ bots and the secret Internet arms race
- Hackers threaten to disrupt Moscow Domodedovo Airport navigation system
- Russian hackers’ new target: a vulnerable democratic senator
- This former British spy exposed the Russian hackers
- On the trail of the 12 indicted Russian intelligence officers
- What the latest Mueller indictment reveals about WikiLeaks’ ties to Russia
- How Silicon Valley became a den of spies
- Singapore health system hit by serious breach of personal data
- LifeLock bug exposed millions of customer email addresses
- A deep dive into one of Russia’s largest hacking forums
- Hackers breached Virginia bank twice in eight months
- How a group of imprisoned hackers introduced JPay to the world
- Head of hacked Bitcoin exchange pleads guilty to US charges
- The MalwareTech case resets to zero
For the more technical
- Vulnerability in Hangouts Chat a.k.a. how Electron makes open redirect great again
- Passing-the-Hash to NTLM authenticated web applications
- Using innocent roles to hide admin users
- A security issue in Intel’s Active Management Technology (AMT)
- Bluetooth security: Flaw could allow nearby attacker to grab your private data
- A story about three Bluetooth vulnerabilities in Android
- Kernel level privilege escalation in Oracle Solaris
- A study of car sharing apps
- Multiple vulnerabilities in Sony IPELA E series camera
- Swann’s home security camera recordings could be hijacked + technical description
- Buffer overflow vulnerabilities in AVEVA HMI solutions
- Dangerous vulnerability fixed in Moxa NPort serial network interface devices
- Multiple vulnerabilities in Samsung SmartThings hub
- NetSpectre: Read arbitrary memory over network (PDF)
- Spectre returns – speculation attacks using the Return Stack Buffer (PDF)
- Cisco removes undocumented root password from bandwidth monitoring software
- Cisco Webex Teams remote code execution vulnerability
- DHS warns of impending cyber-attacks on ERP systems
- Open ADB ports being exploited to spread possible Satori variant in Android devices
- Malware author builds 18,000-strong botnet in a day
- Attack inception: Compromised supply chain within a supply chain poses new risks
- Microsoft Office vulnerabilities used to distribute FelixRoot backdoor
- OilRig Targets Technology Service Provider and Government Agency with QuadAgent
- New version of the Kronos banking trojan discovered
- Mitigating Emotet, the most common banking trojan
- Calisto trojan for macOS
- Red Alert 2.0: Android trojan targets security-seekers
- Advanced mobile malware campaign in India uses malicious MDM
- Leafminer: new espionage campaigns targeting Middle Eastern regions
- A mining multitool
- LockCrypt ransomware decryption tool
- How a robotics vendor exposed confidential data for major manufacturing companies
- Security keys have been good to Google, so now it’s promoting one of its own + more information
- Yes, Google’s security key is hackable
- How to use Automatic Strong Passwords and Password Auditing in iOS 12
- Extracting data from an EMV (Chip-And-Pin) Card with NFC technology
- Secure Kali Pi 2018
- Analysis of the top 32 million passwords
- Cell phone monitoring. Who is watching the watchers?
- DDoS attacks in Q2 2018
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
One thought on “IT Security Weekend Catch Up – July 29, 2018”