IT Security Weekend Catch Up – June 13, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Federal officials recover bitcoin ransom from Colonial Pipeline attack
  2. Apple pays millions to end customer’s explicit images leak lawsuit
  3. Volkswagen says a vendor’s security lapse exposed 3.3 million drivers’ details
  4. Hackers steal wealth of data from game giant EA
  5. How hackers used Slack tobreak into EA games
  6. JBS paid $11 million to REvil ransomware, $22.5M first demanded
  7. CD Projekt: Data stolen in ransomware attack now circulating online
  8. Exagrid pays $2.6m to Conti ransomware attackers
  9. EpsilonRed ransomware group hits one of India’s financial software powerhouses
  10. Avaddon ransomware shuts down and releases decryption keys
  11. Computer memory maker ADATA hit by Ragnar Locker ransomware
  12. Slilpp marketplace disrupted in international cyber operation
  13. 800 criminals arrested in biggest ever law enforcement operation against encrypted communication
  14. Russian hackers breached Dutch police systems in 2017
  15. Call for crimes? Russian-language forum runs contest for cryptocurrency hacks

For the more technical

  1. A zero-day Google Chrome security flaw requires you to update now + more information
  2. PuzzleMaker attacks with Chrome zero-day exploit chain
  3. Microsoft June 2021 Patch Tuesday
  4. Fuzzing the Office ecosystem
  5. VMware fixes critical vCenter Server RCE vulnerability + PoC
  6. Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug
  7. Privacy analysis of FLoC
  8. ALPACA, a new type of man in the middle attack in HTTPS
  9. New large-scale campaign targets Kubeflow
  10. Siloscape: First known malware targeting Windows containers to compromise cloud environments
  11. Another brick in the Wall: eCrime groups leverage SonicWall VPN vulnerability
  12. Session Traversal Utilities for NAT (STUN) reflection/amplification
  13. Gootkit: the cautious Trojan
  14. New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions
  15. Prometheus ransomware gang: A group of REvil?
  16. Gelsemium: When threat actors go gardening
  17. Picture this: Malware hides in Steam profile images
  18. Two weeks of securing Samsung devices
  19. BackdoorDiplomacy: Upgrading from Quarian to Turian
  20. Big airline heist: APT41 likely behind massive supply chain attack
  21. Best practices for MITRE ATT&CK mapping (PDF)
  22. GitHub updates policies on vulnerability research, malware, and exploits
  23. iOS 15: Find My network can still find your iPhone when it is powered off, or factory reset

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *