IT Security Weekend Catch Up – March 16, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. How kids are using Google Docs to bully each other
  2. Facial recognition’s ‘dirty little secret’: Millions of online photos scraped without consent
  3. Debit card with built-in fingerprint reader begins trial in the UK
  4. Insert skimmer & camera cover PIN stealer
  5. Two-thirds of secondhand USB drives still contain previous owners’ data
  6. The Intercept shuts down access to Snowden trove
  7. China database lists ‘breedready’ status of 1.8 million women
  8. Sydney man charged with selling personal details of customers online
  9. Columbia Surgical Specialists pays almost $15k ransom following ransomware attack
  10. Crypto exec arrested for “multibillion-dollar pyramid scheme”
  11. North Korea stole cryptocurrency via hacking
  12. Inside the August plot to kill Maduro with drones

For the more technical

  1. Microsoft March 2019 Patch Tuesday
  2. The fourth horseman: CVE-2019-0797 vulnerability
  3. Root cause of the kernel privilege escalation vulnerabilities CVE-2019-0808
  4. Windows 10 to automatically remove updates that cause problems
  5. Adobe releases patches for critical flaws in Photoshop CC and Digital Edition
  6. Attackers exploiting WinRAR UNACEV2.DLL vulnerability (CVE-2018-20250)
  7. A saga of code executions on Zimbra
  8. UPnP-enabled connected devices in the home and unpatched known vulnerabilities
  9. WordPress 5.1 CSRF to remote code execution
  10. WordPress WooCommerce XSS vulnerability
  11. Pandora’s Box: Another new way to leak all your sensitive data
  12. TLS: 64bit-ish serial numbers & mass revocation
  13. Extracting BitLocker keys from a TPM
  14. Researchers find critical backdoor in Swiss online voting system
  15. Gaming industry still in the scope of attackers in Asia
  16. Analyzing sophisticated PowerShell targeting Japan
  17. Study of the Belonard Trojan, exploiting zero-day vulnerabilities in Counter-Strike 1.6
  18. Inside the Emotet banking trojan and malware distributor
  19. DanaBot control panel revealed
  20. ‘DMSniff’ POS malware actively leveraged to target small-, medium-sized businesses
  21. Inserting malware into anyone’s Google Earth Projects Archive
  22. Threat actors leverage credential dumps to breach cloud accounts worldwide
  23. From RCE to LDAP access
  24. Penetration testing Active Directory – privilege escalation & reconnaissance
  25. Spam and phishing in 2018
  26. Two-thirds of all Android antivirus apps are frauds
  27. SimBad: A rogue adware campaign on Google Play
  28. A password-storage field study with freelance developers (PDF)
  29. Google Chrome to add drive-by-download protection
  30. Firefox Send – a free, encrypted file sharing service

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *