IT Security Weekend Catch Up – May 12, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OUCH! Newsletter: A career in cybersecurity (PDF)
  2. Google’s web security researcher Krzysztof Kotowicz: Insecure coding is the default
  3. Google thought my phone number was Facebook’s and it ruined my life
  4. Facebook algorithms make it harder to catch extremists
  5. What’s behind the Wolters Kluwer tax outage?
  6. Amazon hit by extensive fraud with hackers siphoning merchant funds
  7. Nine charged in alleged SIM swapping ring + more information
  8. Binance security breach update
  9. Cryptocurrency laundering as a service: members of a criminal organisation arrested in Spain
  10. Dutch cops take largest dark web coffeeshop offline
  11. Coffee, poker and weed entrepreneurs—meet the Israelis accused of being $15 million dark web drug shills
  12. U.S. cyberwar strategy stokes fear of blowback
  13. What Israel’s strike on Hamas hackers means for cyberwar
  14. Inside China’s massive surveillance operation
  15. Putin signs law to create an independent Russian internet
  16. Plan to secure internet of things with new law
  17. DuckDuckGo wrote a bill to stop advertisers from tracking you online
  18. German justice minister takes aim at Amazon over Alexa
  19. Microsoft recommends using a separate device for administrative tasks

For the more technical

  1. Remote code execution bug in SQLite
  2. Google AdWords exploit seen in the wild
  3. Multiple bugs in several Jenkins plugins
  4. Vulnerable Apache Jenkins exploited in the wild
  5. New Intel firmware boot verification bypass enables low-level backdoors
  6. Cronjob backdoors
  7. Confluence vulnerability exploited to deliver cryptocurrency miner with rootkit
  8. Cybercriminals competing for cryptocurrency mining foothold
  9. Microsoft SharePoint servers are under attack
  10. Matrix.org: Post-mortem and remediations for Apr 11 security incident
  11. BadWPAD and wpad.pl / wpadblocking.com case (part 2)
  12. Malicious DLL execution using Apple’s APSDaemon.exe signed binary
  13. Ongoing credit card data leak
  14. Mirrorthief group uses Magecart skimming attack to hit hundreds of campus online stores
  15. FIN7.5: the infamous cybercrime rig “FIN7” continues its activities
  16. Hacker takes over 29 IoT botnets + interview
  17. A hacker is wiping Git repositories and asking for a ransom
  18. Samsung spilled SmartThings app source code and secret keys
  19. LockerGoga ransomware family used in targeted attacks
  20. GandCrab’s new evasive infection chain
  21. Severe ransomware attacks against Swiss SMEs
  22. Dharma ransomware uses AV tool to distract from malicious activities
  23. A free decrypter for ZQ ransomware
  24. A free decrypter for MegaLocker ransomware
  25. Hackers selling access and source code from antivirus companies + more information
  26. Turla LightNeuron: An email too far
  27. Iranian nation-state APT groups – “black box” leak
  28. NSA hacking tools used by Chinese hackers one year before leak
  29. SilverTerrier – 2018 Nigerian Business Email Compromise
  30. 2019 Data Breach Investigations Report
  31. HITBSecConf2019 – materials
  32. Researchers are liberating thousands of pages of forgotten hacking history from the government
  33. The DPR, in the Tor Hidden Service, with the Bitcoins
  34. ‘Unhackable’ encrypted flash drive eyeDisk is, as it happens, hackable
  35. Throwing 500 vm’s at your fuzzing target being an individual security researcher
  36. Mastering NSA’s Ghidra reverse engineering tool (PDF)
  37. Experts doubt Russian claims that cryptographic flaw was a coincidence
  38. Android security: Queue the hardening enhancements
  39. What’s new in Android Q security
  40. Google Chrome to support same-site cookies, get anti-fingerprinting protection
  41. Mozilla bans Firefox add-ons with obfuscated code
  42. Staying anonymous on Wire
  43. Duplicati 2.0 – free backup software to store encrypted backups online
  44. Private search engines – the ultimate guide

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
