IT Security Weekend Catch Up – March 21, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. ‘I scrounged through the trash heaps… now I’m a millionaire:’ An interview with REvil’s Unknown
  2. Computer giant Acer hit by $50 million ransomware attack
  3. Egor Igorevich Kriuchkov criminal complaint
  4. The Infraud Organization victimized millions of people and caused more than $568 million in financial losses
  5. Arrest warrant issued for Canadian CEO after authorities allege company’s messaging app used by international crime groups
  6. Teen who hacked Joe Biden and Bill Gates’ Twitter accounts sentenced to three years in prison
  7. Bitcoin: Fake Elon Musk giveaway scam ‘cost man £400,000’
  8. A hacker got all my texts for $16
  9. Cars have your location. This spy firm wants to sell it to the U.S. military
  10. The most invasive apps: which apps are sharing your personal data?
  11. Clearview AI: Your face is not your own
  12. Signal: China appears to have blocked encrypted messaging app
  13. Victoria University of Wellington accidentally nukes files on all desktop PCs
  14. America’s drinking water is surprisingly easy to poison

For the more technical

  1. Exchange On-premises Mitigation Tool (EOMT)
  2. Microsoft Exchange servers targeted by DearCry ransomware abusing ProxyLogon bugs
  3. A Spectre proof-of-concept for a Spectre-proof web
  4. Detection capabilities for recent F5 BIG-IP/BIG-IQ iControl REST API vulnerabilities CVE-2021-22986
  5. MyBB remote code execution chain
  6. TikTok for Android 1-click RCE
  7. GitHub has a permission problem
  8. How I hacked Facebook: Part one & Part two
  9. New old bugs in the Linux Kernel
  10. [VIDEO] Spooky RYUKy: Chapter 2 | Van Ta & Aaron Stephens | SANS CTI Summit 2021
  11. Missed opportunity: Bug in LockBit ransomware allowed free decryptions
  12. Google: A mysterious hacking group used 11 different zero-days in 2020
  13. Technical analysis of Operation Diànxùn (PDF)
  14. Mimecast: Report on our security incident investigation
  15. Security agencies leak sensitive data by failing to sanitize PDF files
  16. COVID-19: Examining the threat landscape a year later
  17. 2020 Internet Crime Report (PDF)
  18. Hidden menace: Peeling back the secrets of OnionCrypter
  19. New macOS malware XcodeSpy Targets Xcode Developers with EggShell Backdoor
  20. Datagram Transport Layer Security (D/TLS) reflection/smplification DDoS attack mitigation recommendations
  21. Mobdro pirate streaming: Police arrest suspect, three others questioned

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *