IT Security Weekend Catch Up – June 20, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Double-double tracking: How Tim Hortons knows where you sleep, work and vacation
  2. Dating apps exposed 845 GB of explicit photos, chats, and more
  3. South African bank to replace 12m cards after employees stole master key
  4. Amazon’s enforcement failures leave open a back door to banned goods—some sold and shipped by Amazon itself
  5. Coder-turned-kingpin Paul Le Roux gets his comeuppance
  6. Former eBay execs allegedly made life hell for critics
  7. How @YourAnonCentral hijacked the news with fake stories
  8. How I accidentally hijacked someone’s WhatsApp
  9. Introducing Firefox Private Network VPN’s official product – the Mozilla VPN
  10. Mexico’s biggest telecommunications operator is blocking Tor network
  11. GitHub to replace “master” with alternative term to avoid slavery references

For the more technical

  1. The Curious Case of Copy & Paste – on risks of pasting arbitrary content in browsers
  2. Firefox & Chrome privacy leakage: search term is sent to ISP without user’s consent
  3. A survey of recent iOS kernel exploits
  4. SOHO device exploitation
  5. 6 new vulnerabilities found on D-Link home routers
  6. BraveStarr – A Fedora 31 netkit telnetd remote exploit
  7. Ripple20: 19 zero-day vulnerabilities amplified by the supply chain
  8. A vulnerability in IBM Maximo was fixed
  9. A click from the backyard | Analysis of CVE-2020-9332, a vulnerable USB redirection software
  10. Threat vector: GTP. Vulnerabilities in LTE and 5G networks 2020
  11. VLC Media Player 3.0.11 fixes severe remote code execution flaw
  12. Adobe patches 18 critical flaws in out-of-band update
  13. Massive spying on users of Google’s Chrome shows new security weakness
  14. Explicit content and cyberthreats: 2019 report
  15. is phishing bitcoin from users of private messaging service
  16. Global COVID 19-related phishing campaign by North Korean operatives Lazarus group
  17. Vendetta group and the COVID-19 phishing emails
  18. India: Human rights defenders targeted by a coordinated spyware operation
  19. Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies
  20. Copy-paste compromises – tactics, techniques and procedures used to target multiple Australian networks
  21. Digging up InvisiMole’s hidden arsenal
  22. ‘Work pressure’ sees Maze ransomware gang demand payoff from wrong company
  23. Hackers for hire: An overview of the unethical services offered on the Darknet
  24. AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever (PDF)
  25. AvaMaria RAT analysis
  26. Black Kingdom ransomware (TTPs & IOC)
  27. Stalkerware Test 2020 (PDF)
  28. Hashcat 6.0.0 released
  29. Zoom: End-to-end encryption update
  30. The secret life of GPS trackers
  31. Week in OSINT

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
