IT Security Weekend Catch Up – March 18, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

We were gone for a few weeks, but since many of you have asked for a comeback, here it is. We’ll try to keep it alive!

For the less technical

  1. OUCH! Security Awareness Newsletter (PDF)
  2. Tricks that cybercriminals use to hide in your phone
  3. Nude videos of Dutch Women’s Handball Team leaked
  4. The Dutch Data Protection Authority accidentally leaked its employees’ data
  5. How Equifax kept its mega breach secret from its own staff + additional information
  6. Researcher who stopped WannaCry
  7. How American tech help Turkey spy in Syria
  8. Chinese police are using smart glasses to identify potential suspects
  9. Facebook quietly hid webpages bragging about ability to influence elections
  10. Russian pleads guilty to aiding massive hacks in U.S.
  11. U.S. sanctions Russians for alleged election meddling + additional information
  12. Russian hackers attacked U.S. Aviation
  13. Saudi Arabia cyber attack goal was chemical plant explosion
  14. ENISA has established Transport Resilience and Security Expert Group
  15. China to bar people with bad social credit from planes, trains
  16. Narco Sub developments and trends

For the more technical

  1. Android Security 2017 Year In Review (PDF)
  2. Microsoft Security Intelligence Report is now available
  3. Critical security vulnerabilities in AMD processors (PDF)
  4. Controversies about the AMD backdoor
  5. CTS Labs responds to allegations
  6. Microsoft March 2018 Patch Tuesday
  7. Samba patches two critical vulnerabilities
  8. Serious flaws affect ManageEngine Applications Manager
  9. Cisco Prime Collaboration Provisioning hard-coded password vulnerability
  10. Several privacy-busting bugs found in popular VPN services
  11. MikroTik RouterOS SMB buffer overflow
  12. Mitigating speculative execution side channel hardware vulnerabilities
  13. Microsoft willing to pay up to $250,000 for Meltdown and Spectre exploits
  14. Detecting attacks that exploit Meltdown and Spectre with performance counters
  15. Pwn2Own 2018 results – day one (March 14), day two (March 15)
  16. Data exfiltration technique steals data from PCs using speakers, headphones
  17. DJI Spark hijacking
  18. Analysis of a Kubernetes hack
  19. Master password in Firefox or Thunderbird doesn’t improve security considerably
  20. Scanning the Alexa Top 1M for .DS_Store files
  21. LNK file in Startup folder can spawn arbitrary file/command
  22. Google tricked into serving scam Amazon ads
  23. Early memcached DDoS attack precursors and ransom notes
  24. Tropic Trooper’s new strategy
  25. An analysis of RoyalCli and RoyalDNS by APT15
  26. Donot Team leverages new modular malware framework in South Asia
  27. Sofacy uses DealersChoice to target European government agency
  28. OceanLotus ships new backdoor using old tricks
  29. Targeted attacks in the Middle East + additional information
  30. Russian government cyber activity targeting critical infrastructure sectors
  31. Chinese cyber espionage group targeting U.S. engineering and maritime industries
  32. How your Ethereum can be stolen through DNS rebinding
  33. Poisoned Torrent client triggered coin miner outbreak
  34. Dangerous malware stealing bitcoin hosted on Download.com for years
  35. A cryptocurrency miner in the Mac App Store + technical description
  36. New Monero mining malware discovered in Google Play
  37. IOTA signatures, private keys and address reuse
  38. The increasing threat of cryptocurrency miners
  39. Let’s Encrypt takes free wildcard certificates live
  40. Protecting against HSTS abuse

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *