Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Avast scandal: Why we stopped recommending Avast & AVG
- Clean up your dirty past with ‘Fake My History’ from Opera GX
- BreachForums database and private chats for sale in hacker data breach
- Apple threatens to pull iMessage and FaceTime in the UK over law change
- Senate bill crafted with DEA targets end-to-end encryption, requires online companies to report drug activity
- NATO investigates alleged data theft by SiegedSec hackers
For the more technical
- Compromised Microsoft key: More impactful than we thought
- GameOver(lay): Easy-to-exploit local privilege escalation vulnerabilities in Ubuntu Linux affect 40% of Ubuntu cloud workloads
- Zenbleed (CVE-2023-20593)
- Exploiting MikroTik RouterOS hardware with CVE-2023-30799
- DDoS botnets target Zyxel vulnerability CVE-2023-28771
- Tomcat under attack: Exploring Mirai malware and beyond
- Introducing CVE-2023-24489: A critical Citrix ShareFile RCE vulnerability
- TETRA radio code encryption has a flaw
- TETRA:BURST – a collection of five vulnerabilities, affecting the Terrestrial Trunked Radio (TETRA) standard
- Interview with the ETSI standards organization that created TETRA “backdoor”
- Deconstructing PowerShell obfuscation in malspam campaigns
- A novel method for exploiting the “search-ms” URI protocol handler
- [VIDEO] Secure ArchLinux installation tutorial
- Massive Rust infostealer campaign aiming for macOS Sonoma ahead of public release
- Ransomware roundup – Cl0p
- Ransomware spotlight: Play
- Conti and Akira: Chained together
- North Korea leverages SaaS provider in a targeted supply chain attack
- First known targeted OSS supply chain attacks against the banking sector
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.