IT Security Weekend Catch Up – March 22, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

Looking for sponsors

Over 3 year of weekly delivery of fresh IT security news, thousands of links and happy readers. You can become part of IT Security Weekly Catch Up by becoming a sponsor. Interested? Get in touch at badcybercom[at] (and please, no VPNs/crypto/poker etc.)

For the less technical

  1. The inside scoop on a six-figure Nigerian fraud campaign
  2. RSF unveils 20/2020 list of press freedom’s digital predators
  3. German military laptop with classified data sold on Ebay
  4. A UK-based security company seemed to have inadvertently exposed its ‘Leaks Database’ with 5B+ records

For the more technical

  1. Welcome to Pwn2Own 2020 – The schedule and live results
  2. Pwn2Own day two – Results and Master of Pwn
  3. Two Trend Micro zero-days exploited in the wild by hackers
  4. Deep dive: Snoop-assisted L1 Data Sampling + affected processors
  5. Adobe fixes nine critical vulnerabilities in Reader, Acrobat + details
  6. Here’s the Netflix account compromise Bugcrowd doesn’t want you to know about
  7. Mass account takeovers using HTTP Request Smuggling on Slack to steal session cookies
  8. The unexpected Google wide domain check bypass
  9. Vulnerabilities patched in Popup Builder plugin affecting over 100,000 sites
  10. Norsk Hydro outage may have been destructive state attack (PDF)
  11. Probing Pawn Storm: Cyberespionage campaign through scanning, credential phishing and more
  12. Web browser for developers leaves user data exposed
  13. This PIN can be easily guessed (PDF)
  14. Is cryptojacking dead after Coinhive shutdown? (PDF)
  15. MonitorMinor: vicious stalkerware?
  16. New TrickBot module bruteforces RDP connections, targets select telecommunication services in US and Hong Kong
  17. They come in the night: Ransomware deployment trends
  18. Security breach disrupts fintech firm Finastra
  19. Android – Coronavirus – related malware tracker
  20. CovidLock: Mobile Coronavirus tracking app coughs up ransomware
  21. Ransomware gangs to stop attacking health orgs during pandemic
  22. Covid-19 drug advice from the WHO spoofed to distribute HawkEye info-stealer
  23. Acunetix is offering complimentary licenses to agencies fighting COVID-19
  24. Full file system and keychain extraction: now with iOS 13 and iPhone 11 support
  25. Firefox to remove support for the FTP protocol

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *