IT Security Weekend Catch Up – July 7, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OUCH! Security Awareness Newsletter: Phone call attacks & scams (PDF)
  2. Hamas created dating apps and fake Facebook profiles to try to lure Israeli soldiers
  3. Europe is using smartphone data as a weapon to deport refugees
  4. The great firewall of China: Xi Jinping’s internet shutdown
  5. The state of Internet censorship in Egypt
  6. Danske Bank money laundering allegations
  7. How to get away with financial fraud
  8. UK banks told to show their backup plans for tech shutdowns
  9. Did Satoshi Nakamoto write this book excerpt?
  10. D.B. Cooper: investigators claim they’ve discovered skyjacker’s identity
  11. Poland’s surveillance law targets personal data of environmental advocates, threatening U.N. climate talks
  12. The app developers sifting through your Gmail
  13. Google says it doesn’t get paid for giving third-party apps access to Gmail
  14. Key Brexit documents left on Eurostar train in embarrassing security bungle
  15. Superyacht cybercrime: the next big thing?
  16. Data from open-source ancestry site GEDMatch has led to more arrests
  17. Brazil’s PCC has become a multinational criminal enterprise

For the more technical

  1. Malicious macro hijacks desktop shortcuts to deliver backdoor
  2. Two new zero-day exploits in the same PDF
  3. A look into recent exploit kit activities
  4. A virus infecting tens of thousands of Fortnite players
  5. Downloader with a twist (PDF)
  6. GandCrab v4.1 in the wild - first Windows XP and Server 2003 impacting ransomware SMB worm
  7. Why VPNFilter is like a Moonlight Maze
  8. Check your router for VPNFilter
  9. Smoke Loader learned new tricks
  10. A new campaign involving the FormBook malware
  11. Even more Fake Santander Bank invoices delivering Trickbot
  12. Obfuscated Coinhive shortlink reveals larger mining operation + more information
  13. CoinImp cryptominer and fully qualified domain names
  14. Rakhni ransomware adds coinminer component
  15. Nozelesn ransomware reportedly using spam to target Poland
  16. Gentoo publishes incident report after GitHub hack
  17. Hacking a massive Steam scamming and phishing operation for fun and profit
  18. Con artists are fleecing Uber drivers + additional information
  19. Reading hotel key cards with a credit card magstripe reader
  20. Two-thirds of second-hand memory cards contain data from previous owners
  21. Thermanator: thermal residue-based post factum attacks on keyboard password entry
  22. Canon DSLR Bluetooth Remote Protocol reverse engineered
  23. Google CTF 2018 Quals – BBS
  24. Distinguishing attacks from legitimate traffic at an authentication server (PDF)
  25. Download bomb trick returns in Chrome – also affects Firefox, Opera, Vivaldi and Brave
  26. “Stylish” browser extension steals all your internet history
  27. These academics spent the last year testing whether your phone is secretly listening to you
  28. How Smart TVs in millions of U.S. homes track more than what’s on tonight
  29. The $12,000 intersection between clickjacking, XSS, and denial of service
  30. RCE by uploading a web.config
  31. Vulnerabilities patched in VMware ESXi, Workstation, Fusion
  32. WordPress 4.9.7 update fixes pair of security vulnerabilities
  33. Zerodium offers up to $500,000 for Linux zero-day exploits

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *