IT Security Weekend Catch Up – June 9, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OUCH! Newsletter: Dark Web (PDF)
  2. Baltimore ransomware perp pinky-swears he didn’t use NSA exploit
  3. Eurofins Scientific detects ransomware in some of its IT systems
  4. Ransomware attack costs Norsk Hydro tens of millions of dollars
  5. NordVPN sued by TorGuard for trying to disclose their own vulnerability to them (PDF)
  6. For two hours, a large chunk of European mobile traffic was rerouted through China
  7. The EU’s embassy in Russia was hacked but the EU kept it a secret
  8. Software vendor may have opened a gap for hackers in 2016 swing state
  9. Hackers steal 19 years’ worth of data from a top Australian university
  10. The aftermath of a data breach: A personal story
  11. Should failing phish tests be a fireable offense?
  12. Canada uses civil anti-spam law in bid to fine malware purveyors
  13. Assange won’t face charges over role in devastating CIA leak
  14. Four international hacking suspects charged with racketeering
  15. 18 arrested in the UK and Romania for €20 million fake train ticket scam

For the more technical

  1. Millions of Exim mail servers exposed to local, remote attacks
  2. VMware patches vulnerabilities in Tools, Workstation
  3. Update your Fortigates if you use SSLVPN
  4. Stopping SharePoint’s CVE-2019-0604
  5. CVE-2019-0725: An analysis of its exploitability
  6. Export corrupts Windows Event Log files
  7. Diebold Nixdorf warns customers of RCE bug in older ATMs
  8. Plot to steal cryptocurrency foiled by the npm security team + more information
  9. Bypassing CSP with policy injection
  10. We decide what you see: Remote code execution on a major IPTV platform
  11. Germany: Backdoor found in four smartphone models; 20,000 users infected
  12. How Ledger hacked an HSM
  13. How a quantum computer could break 2048-bit RSA encryption in 8 hours
  14. How to attack Kerberos?
  15. Investigating an attack against Recorded Future in real time
  16. Infected cryptocurrency-mining containers target Docker hosts with exposed APIs
  17. BlackSquid slithers into servers and drives with 8 notorious exploits to drop XMRig miner
  18. Monero-mining malware PCASTLE zeroes back in on China
  19. How a remote tech writing gig proved to be an old-school scam
  20. New phishing attacks use PDF docs to slither past the gateway
  21. PHA family highlights: Triada
  22. Hollywood lie: Bank hacks take months, not seconds (PDF)
  23. Platinum APT group is back
  24. Threat actors cobble together open-source pieces into monstrous Frankenstein campaign
  25. Actors in support of Iranian interests used impersonation of real individuals on social media
  26. Twitterbots: Anatomy of a propaganda campaign
  27. Government sector in Central Asia targeted with new HAWKBALL backdoor
  28. Google Cloud networking incident
  29. Using a HackRF to reverse engineer and control restaurant pagers
  30. Windows boot from UEFI to kernel
  31. The clever cryptography behind Apple’s ‘Find My’ feature
  32. How does Apple (privately) find your offline devices?
  33. Step by step guide to iOS jailbreaking and physical acquisition
  34. Firefox starts blocking third-party cookies by default

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *