IT Security Weekend Catch Up – May 15, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. The Instagram ads Facebook won’t show you
  2. Edward Snowden, “What I learned from games: playing for and against mass surveillance”
  3. ‘Deepfake’ that supposedly fooled European politicians was just a look-alike, say pranksters
  4. How China turned a prize-winning iPhone hack against the Uyghurs
  5. They told their therapists everything. Hackers leaked it all
  6. Peloton’s leaky API let anyone grab riders’ private account data
  7. ‘Phishing’ sites buying workplace login details linked to well-funded startup
  8. Credit card fraudster Sergey Pavlovich writes a new chapter
  9. Brazilian gang defrauds Uber, Lyft, DoorDash using GPS spoofing and stolen IDs
  10. Ransom demanded by cybercriminals in HSE attack but officials insist: ‘we won’t pay… it would open up Pandora’s Box’
  11. Ransomware attack leads to shutdown of major U.S. pipeline system
  12. Colonial Pipeline paid hackers nearly $5 million in ransom
  13. Darkside ransomware gang says it lost control of its servers & money a day after Biden threat
  14. Popular Russian hacking forum XSS bans all ransomware topics
  15. Ransomware ads now also banned on Exploit cybercrime forum
  16. Germany busts international child porn site used by 400,000

For the more technical

  1. 21Nails vulnerabilities impact 60% of the internet’s email servers + more information
  2. New Spectre flaws in Intel and AMD CPUs affect billions of computers (PDF)
  3. CVE-2021-21551- Hundreds of millions of Dell computers at risk due to multiple BIOS driver privilege escalation flaws
  4. Flexxon launches X-Phy SSD with embedded AI-based security features
  5. AirTag will interact with any NFC-capable smartphone to view a Lost Mode message
  6. Time to patch against FragAttacks but good luck with home routers and IoT devices + more information
  7. Microsoft May 2021 Patch Tuesday
  8. Exploiting custom protocol handlers for cross-browser tracking in Tor, Safari, Chrome and Firefox
  9. Vulnerable protocols leave firms open to further compromises
  10. China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor
  11. UK and US share more vulnerabilities exploited by Russia’s APT29 hackers
  12. Privacy implications of accelerometer data: A review of possible inferences (PDF)
  13. Rapid7’s response to Codecov incident
  14. Malware group leaks millions of stolen authentication cookies
  15. Chinese military unit accused of cyber-espionage bought multiple western antivirus products
  16. RM3 – Curiosities of the wildest banking malware
  17. TeaBot: a new Android malware emerged in Italy, targets banks in Europe
  18. Fake Android and iOS apps disguise as trading and cryptocurrency apps
  19. Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity
  20. Microsoft warns: Watch out for this new malware that steals passwords, webcam and browser data
  21. Ransomware world in 2021: who, how and why
  22. The Fortnite trial is exposing details about the biggest iPhone hack on record
  23. Thousands of Tor exit nodes attacked cryptocurrency users over the past year

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *