IT Security Weekend Catch Up – May 10, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Love Bug’s creator tracked down to repair shop in Manila
  2. GoDaddy reports data breach involving SSH access on hosting accounts
  3. French subscribers to famous news site at risk from hacking, fraud
  4. 3.68 million MobiFriends user credentials stolen and shared on hacking forum
  5. A passwordless server run by spyware maker NSO sparks contact-tracing privacy concerns
  6. Who is Dmitry Badin, the GRU hacker indicted by Germany over the Bundestag hacks?
  7. Hacker bribed ‘Roblox’ insider to access user data
  8. Fake news kingpin is back to cash in on 2020’s hellscape
  9. Poland presidential election 2020: Disinformation strikes the military
  10. A thief stole two airplanes with a signature and a couple of stamps

For the more technical

  1. [VIDEO] Exploitation of a Samsung Galaxy Note 10+ zero-click RCE bug via MMS
  2. Mitigating vulnerabilities in endpoint network stacks
  3. Exploring macOS Calendar alerts: Attempting to execute code
  4. Cisco Adaptive Security Appliance software and Firepower Threat Defense software web services path traversal vulnerability
  5. Proof of concept exploit about OpenSSL signature_algorithms_cert DoS flaw
  6. SaltStack authorization bypass
  7. Salt incident: May 3rd 2020 retrospective and update
  8. PrivateVPN and Betternet vulnerabilities allow for fake or malicious updates
  9. Attackers exploit 0-day code-execution flaw in the Sophos firewall
  10. Attacking SCADA: Vulnerabilities in Schneider Electric SoMachine and M221 PL
  11. Cracking Age of Empires III over shader quality settings
  12. Azure Sphere Security Research Challenge now open
  13. EventBot: A new mobile banking trojan is born
  14. Credit card skimmer masquerades as favicon
  15. The many paths through Maze
  16. Europe’s largest private hospital operator Fresenius hit by ransomware
  17. ZLoader 4.0 macrosheets evolution
  18. Nazar: Spirits of the past
  19. Naikon APT: Cyber espionage reloaded
  20. The Cereals story – creating a botnet during breakfast
  21. DDoS attacks in Q1 2020
  22. Nearly a million WP sites targeted in large-scale attacks
  23. Microsoft’s GitHub account hacked, private repositories stolen
  24. POWER-SUPPLaY: Leaking data from air-gapped systems by turning the power-supplies into speakers (PDF)

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *