IT Security Weekend Catch Up – March 30, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

We were gone for a few weeks, but since many of you have asked for a comeback, here it is. We’ll try to keep it alive!

For the less technical

  1. The dark web’s favorite currency is less untraceable than it seems
  2. [AUDIO] Why Russia “hacks” elections: a spy’s-eye view
  3. Brute force attack known as password spraying against organizations in the United States
  4. Mastermind behind EUR 1 billion cyber bank robbery arrested in Spain
  5. Boeing possibly hit by ‘WannaCry’ malware attack
  6. Improving credential abuse threat mitigation
  7. The hilarious ways algorithms have outsmarted their creators
  8. Working towards a more diverse future in security

For the more technical

  1. Brian Krebs report on Coinhive
  2. Angry users donate $120k to cancer research after Brian Krebs’ Coinhive article
  3. [VIDEO] Tracing stolen bitcoin + PDF
  4. Hackers are using a 5-year-old vulnerability to mine Monero
  5. How machine learning detects cryptocurrency-mining malware
  6. Monero-mining HiddenMiner Android malware can potentially cause device failure
  7. Microsoft’s Meltdown patch created an even bigger flaw
  8. Vulnerabilities in Siemens’ building technologies products (PDF)
  9. Serious vulnerability identified in Beckhoff TwinCAT PLC software solution
  10. Multiple vulnerabilities identified in the Modicon family of industrial controllers
  11. Cisco addresses critical remote code execution flaws in IOS XE operating system
  12. One hash to rule them all: drupalgeddon2 + additional information
  13. The top 10 vulnerabilities used by cybercriminals
  14. Apache Struts 2 vulnerability
  15. Intel CPUs vulnerable to new ‘BranchScope’ attack + PDF
  16. VPN leaks users’ IPs via WebRTC
  17. Grindr security flaw exposes users’ location data
  18. Life cycle of a web app 0day
  19. From hacked client to 0day discovery
  20. Arbitrary files upload in Amazon Go
  21. Side-channel information leakage in mobile applications
  22. Omitting the “o” in .com could be costly
  23. Suspicious likes lead to researcher lighting up a 22,000-strong botnet on Twitter
  24. Taking down Gooligan – part 1, 2 & 3
  25. An analysis of 24 hours of Internet attacks using honeypots (PDF)
  26. Threat landscape for industrial automation systems in H2 2017
  27. Overview of MuddyWater
  28. Lazarus group targets more cryptocurrency exchanges and FinTech companies
  29. ChessMaster adds updated tools to its arsenal
  30. GoScanSSH malware targets SSH servers
  31. The number of new malware types continued rising
  32. An in-depth malware analysis of QuantLoader
  33. Panda Banker zeros in on Japanese targets
  34. In-depth Formbook malware analysis
  35. Fauxpersky malware poses as Kaspersky antivirus
  36. Windows IRC bot in the wild
  37. Pingu Cleans Up: subscription scam on Google Play
  38. A document that could (supposedly) only be read with Office Professional
  39. Portable Executable File corruption preventing malware from running
  40. Getting to know Cloud Armor – defense at scale for internet-facing services
  41. The last Windows XP security white paper
  42. What’s broken in iOS for iPhone X
  43. Qubes OS 4.0 has been released
  44. LKRG 0.2 was just released

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *