IT Security Weekend Catch Up – July 6, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Server image mystery in Georgia election security case
  2. YouTube mystery ban on hacking videos has content creators puzzled
  3. GDPR Enforcement Tracker
  4. Four in 10 North American banks don’t use EV certificates
  5. Lloyd’s of London calls for cyber cover clarity in insurance policies
  6. Former Equifax exec gets 4 months in prison for insider trading after breach
  7. Utah man sentenced for computer hacking crime
  8. Eurofins Scientific: Forensic services firm paid ransom after cyber-attack
  9. Florida city fires IT employee after paying ransom demand last week
  10. 7-Eleven Japanese customers lose $500,000 due to mobile app flaw
  11. Over $800,000 stolen by scammers in Atlanta area city BEC fraud
  12. This Bitcoin money-laundering cartel was operating from inside a Florida prison
  13. China is forcing tourists to install text-stealing malware at its border
  14. Google’s Jigsaw was supposed to save the Internet. Behind the scenes, it became a toxic mess
  15. How Amazon and the cops set up an elaborate sting operation that accomplished nothing
  16. The simple way Apple and Google let domestic abusers stalk victims
  17. Which smart bulbs should you buy (from a security perspective)
  18. Pirates: So you want to join ‘The Scene’?

For the more technical

  1. How we hacked our colleague’s smart home
  2. Orvibo smart home devices leak billions of user records
  3. Android Security Bulletin—July 2019
  4. Tens of VMware products affected by SACK Panic and SACK Slowness flaws
  5. Breaking & entering with Zipato smart hubs
  6. Unfixable seed extraction on Trezor – a practical and reliable attack
  7. Centreon v19.04 remote code execution (CVE-2019-13024)
  8. Exploit using Microsoft Excel Power Query for remote DDE execution discovered
  9. Windows privilege escalation via AlwaysInstallElevated technique
  10. Cloudflare outage caused by bad software deploy
  11. Magento 2.3.1: Unauthenticated stored XSS to RCE
  12. A great show is now history, as is its insecure mobile app
  13. File-storage app 4shared caught serving invisible ads and making purchases without consent
  14. Cybersecurity of NATO’s space-based strategic assets
  15. Hackers hijacked VR chatrooms to manipulate users’ reality
  16. Malware development – welcome to the Dark Side [1], [2-1], [2-2], [3], [4]
  17. The commoditization of ATM malware in the cybercriminal underground
  18. Monero security flaw could’ve seen XMR stolen from cryptocurrency exchanges
  19. Sodin ransomware exploits Windows vulnerability and processor architecture
  20. First-ever malware strain spotted abusing new DoH (DNS over HTTPS) protocol
  21. An analysis of Godlua backdoor
  22. RATs and stealers rush through “Heaven’s Gate” with new loader
  23. A further look at the “Silentbruter” malware – Internal folder structures revealed
  24. New Dridex variant evading traditional antivirus
  25. New record in 2019: Emotet now has over 30.000 variants and counting
  26. New triple-threat mobile version of the malware WannaLocker targets banks in Brazil
  27. “Updates for Samsung” — from a blog to an Android advertisement revenue goldmine of 10,000,000+ users
  28. Operation Tripoli
  29. TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States
  30. Ratsnif – new network Vermin from OceanLotus
  31. ‘Silence’ hackers hit banks in Bangladesh, India, Sri Lanka, and Kyrgyzstan
  32. Multiple Chinese threat groups exploiting CVE-2018-0798 equation editor vulnerability
  33. MFSocket: A Chinese surveillance tool
  34. A better zip bomb
  35. You (probably) don’t need ReCAPTCHA
  36. OpenID Foundation says ‘Sign In with Apple’ is not secure enough

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
