IT Security Weekend Catch Up – March 31, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. How internet mercenaries do battle for authoritarian governments
  2. Bezos investigation finds the Saudis obtained his private data
  3. Michael Cohen warrants show how the FBI can unlock your phone and track your movements
  4. Security researcher pleads guilty to hacking into Microsoft and Nintendo
  5. Tesla cars keep more data than you think, including this video of a crash that totaled a Model 3
  6. [AUDIO] Grugq illuminates influence operations
  7. Years of Mark Zuckerberg’s old Facebook posts have vanished
  8. Police and FACT raids target “£3 Million” pirate TV operation
  9. The hacker code: Don’t listen to the experts
  10. Celebrating 30 years in cybersecurity
  11. Towards better vendor security assessments
  12. Casino Screwup Royale: A tale of “ethical hacking” gone awry
  13. [DE] Firefox Lockbox: Android-App mit Adjust-Tracker

For the more technical

  1. VMware ESXi, Workstation and Fusion updates address multiple security issues
  2. Critical RCE bug in Cisco WebEx browser extensions faces ‘ongoing exploitation’
  3. Cisco RV320 command injection + unauthenticated configuration export + unauthenticated diagnostic data retrieval
  4. WinRAR zero-day abused in multiple campaigns
  5. Unpatched zero-days in Microsoft Edge and IE browsers disclosed publicly
  6. CVE-2019-0192: Mitigating unsecure deserialization in Apache Solr
  7. Google Groups authorization bypass / $500 bounty
  8. SQL injection in Magento core + technical description
  9. Hackers abuse Magento PayPal integration to test validity of stolen credit cards
  10. Researchers find 36 new security flaws in LTE protocol (PDF)
  11. Researchers discover and abuse new undocumented feature in Intel chipsets (PDF)
  12. How Microsoft found a Huawei driver that opened systems to attack + more information
  13. What a second flaw in Switzerland’s sVote means for NSW’s iVote
  14. French gas stations robbed after forgetting to change gas pump PINs
  15. F-35 far from ready to face current or future threats, testing data shows
  16. Threat landscape for industrial automation systems. H2 2018
  17. Inside the ASUS supply chain attack
  18. Unleash the hash – ShadowHammer MAC address list
  19. Android security & privacy year in review 2018
  20. Android ecosystem of pre-installed apps is a privacy and security mess
  21. Researchers find Google Play Store apps were actually government malware
  22. Exodus: New Android spyware made in Italy
  23. Bots and botnets in 2018
  24. PsiXBot: The evolution of a modular .NET bot
  25. The document that eluded AppLocker and AMSI
  26. Lucky Elephant campaign masquerading
  27. Trickbot: Technical analysis of a banking trojan malware
  28. Emotet update: New C2 communication followed by new infection chain
  29. Emotet-distributed ransomware loader for Nozelesn found via managed detection and response
  30. Unnam3d ransomware locks files in protected archives, demands gift cards
  31. Halting the Lockergoga ransomware
  32. Cryptocurrency businesses still being targeted by Lazarus
  33. Scanbox watering hole targets Pakistani and Tibetan government website visitors
  34. Elfin: Relentless espionage group targets multiple organizations in Saudi Arabia and U.S.
  35. New steps to protect customers from hacking
  36. Commando VM: The first of its kind Windows offensive distribution
  37. Keybase is not softer than TOFU
  38. Gmail’s end-to-end encryption project is dead
  39. Powerful script to delete full Discord message history
  40. Deconstructing Apple Card: A hacker’s perspective
  41. Finding the real origin IPs hiding behind CloudFlare or Tor
  42. Hackle – search engine for hackers and security professionals
  43. Pastebin dump collection + OSINT bot identifying potential leaks on paste sites

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *