Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Facebook data on 3 million users exposed through personality quiz
- Russian troll farm hijacked American teen girls’ computers for likes
- Pakistan: human rights under surveillance
- When spies hack journalism
- U.S. identifies suspect in major leak of CIA hacking tools + additional information
- Vietnamese hackers trigger software trap after Australian sale of newspaper in Cambodia
- Serbia arrests FBI-sought cybercrime suspect
- Hacker publicly posts data stolen from government-linked cyberespionage group
- Police seize servers of bulletproof provider known for hosting malware ops
- Hacker breaches Securus, the company that helps cops track phones across the US
- US cell carriers are selling access to your real-time phone location data
- T-Mobile employee made unauthorized ‘SIM swap’ to steal Instagram account
- The mysterious heir of extreme travel
- How to spot a catfish candidate
- Google Photos auto-syncs when you connect to Wi-Fi
- Business email compromise incidents
- How organizations can best protect themselves against cyberattacks
- Thieves suck millions out of Mexican banks in transfer heist
For the more technical
- DHCP client script code execution vulnerability
- What makes the DynoRoot bug unique?
- Emails encrypted with OpenPGP, S/MIME vulnerable to new attacks (PDF)
- A new Spectre attack can even reveal firmware secrets
- Security flaw impacts Electron-based apps
- Signal-desktop HTML tag injection + variant 2
- Adobe releases critical security updates for Acrobat and Reader
- Double zero-day vulnerabilities fused into one
- CVE-2018-8174 and forcing Internet Explorer exploits
- Binary SMS - the old backdoor to your new thing
- Severe DoS flaw discovered in Siemens SIMATIC PLCs + additional information
- Multiple vulnerabilities closed in Advantech WebAccess
- DrayTek router zero-day under attack
- ZipperDown vulnerability may impact 10% of all iOS apps
- A police breathalyzer can produce incorrect breath test results
- Cryptocurrency mining malware found in Ubuntu Snap Store
- MEWKit: cryptotheft’s newest weapon (PDF)
- TeleGrab - grizzly attacks on secure messaging
- Malicious Powershell targeting UK bank customers
- SynAck targeted ransomware uses the Doppelgänging technique
- StalinLocker deletes your files unless you enter the right code
- A deep dive into RIG Exploit Kit delivering Grobios trojan + additional information
- IT threat evolution Q1 2018
- Malicious apps persistently appearing on Google Play and using Google icons
- The rise and fall of Scan4You (PDF)
- Hacking train passenger Wi-Fi
- New DDoS attack method demands a fresh approach to amplification assault mitigation
- Amplification DDoS in 2018
- Detecting and mitigating DoS and DDoS attacks on the cloud
- Taking over all domains of a TLD for just $150
- Hacking iLO - take a moment to secure your servers
- AWS CloudFront sub-domain hijack
- How Azure services are commonly breached
- Accessing Google account data without a password
- Introducing Team Foundation Server decryption tool
- reCAPTCHA v3 will detect if you’re human without annoying interactive challenges
- Detecting cloned cards at the ATM
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
Comments