Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Gozi malware gang member arrested in Colombia
- Coordinated action cuts off access to VPN service used by ransomware groups
- Mercedes-Benz USA announces initial findings of data investigation affecting customers and interested buyers
- Ransomware gangs now creating websites to recruit affiliates
For the more technical
- Gears of Chaos vulnerability chain (NETGEAR WAC104 access point)
- Microsoft finds new NETGEAR firmware vulnerabilities that could lead to identity theft and full system compromise
- CVE-2018-18472: Western Digital My Book Live mass exploitation
- Cisco routers come under attack, including a destructive hacktivist campaign
- Zyxel firewalls and VPNs under active cyberattack
- How we are able to hack any company by sending message – $20,000 bounty [CVE-2021–34506]
- How I found my first Chrome bug (CVE-2021–21210)
- Google Compute Engine (GCE) VM takeover via DHCP flood
- Microsoft’s Halo dev site breached using dependency hijacking
- How a Docker footgun led to a vandal deleting NewsBlur’s MongoDB database
- Security flaws in Atlassian’s platform led to account takeover in one click
- Backdoored client from Mongolian CA MonPass
- Lorenz ransomware: analysis and a free decryptor
- Builder for Babuk Locker ransomware leaked online
- Diavol – A new ransomware used by Wizard Spider?
- Microsoft signed a malicious Netfilter rootkit
- SMB worm “Indexsinas” uses lateral movement to infect whole networks
- SolarWinds hackers breach Microsoft customer support to target its customers
- Kaseya supply chain attack delivers mass ransomware event to US companies
- FBI, NSA: Russian military cyber-unit behind large-scale brute-force attacks
- 2020 Report on Threats Affecting ICS Endpoints (PDF)
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.