IT Security Weekend Catch Up – May 16, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. A flood of coronavirus apps are tracking us. Now it’s time to keep track of them
  2. A hacker group is selling more than 73 million user records on the dark web
  3. Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump
  4. Hackers’ private chats leaked in stolen WeLeakData database
  5. How international users unwittingly build up WeChat’s Chinese censorship apparatus (PDF)
  6. Here’s who just voted to let the FBI seize your online search history without a warrant

For the more technical

  1. PrintDemon: Print spooler privilege escalation, persistence & stealth (CVE-2020-1048 & more)
  2. Microsoft May 2020 Patch Tuesday
  3. Reverse RDP – The path not taken
  4. Thunderbolt Flaws expose millions of PCs to hands-on hacking
  5. Breaking Thunderbolt 3 security
  6. CVE-2020-12720: vBulletin urges users to patch undisclosed security vulnerability
  7. Critical flaws in cybersecurity devices exposed entire networks to attack and takeover
  8. A mistake at Facebook broke Spotify, Venmo, TikTok, and other iPhone apps
  9. Top 10 routinely exploited vulnerabilities
  10. Two vulnerabilities in Oracle’s iPlanet Web Server (CVE-2020-9315 and CVE-2020-9314)
  11. Backtracking MageCart infections
  12. App promises news feeds, brings DDoS attacks instead
  13. Estimated 24,000 Android apps expose user data through Firebase blunders
  14. Mandrake – owning Android devices since 2016
  15. COMpfun authors spoof visa application with HTTP status-based trojan
  16. Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
  17. APT group planted backdoors targeting high profile networks in Central Asia
  18. Updated BackConfig malware targeting government and military organizations in South Asia
  19. Hackers target the air-gapped networks of the Taiwanese and Philippine military
  20. Tropic Trooper’s back: USBferry attack targets air-gapped environments (PDF)
  21. Ransomware hit ATM giant Diebold Nixdorf
  22. Ransomware now demands extra payment to delete stolen files
  23. Astaroth – Maze of obfuscation and evasion reveals dark stealer
  24. Cyberthreats on lockdown
  25. Attacks on smart manufacturing systems (PDF)
  26. Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks
  27. Drupal security guide: How to secure & protect your website
  28. The many kinds of creepware used for interpersonal attacks (PDF)
  29. Working around the iPhone USB Restricted Mode

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *