IT Security Weekend Catch Up – May 19, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Facebook data on 3 million users exposed through personality quiz
  2. Russian troll farm hijacked American teen girls’ computers for likes
  3. Pakistan: human rights under surveillance
  4. When spies hack journalism
  5. U.S. identifies suspect in major leak of CIA hacking toolsadditional information
  6. Vietnamese hackers trigger software trap after Australian sale of newspaper in Cambodia
  7. Serbia arrests FBI-sought cybercrime suspect
  8. Hacker publicly posts data stolen from government-linked cyberespionage group
  9. Police seize servers of bulletproof provider known for hosting malware ops
  10. Hacker breaches Securus, the company that helps cops track phones across the US
  11. US cell carriers are selling access to your real-time phone location data
  12. T-Mobile employee made unauthorized ‘SIM swap’ to steal Instagram account
  13. The mysterious heir of extreme travel
  14. How to spot a catfish candidate
  15. Google Photos auto-syncs when you connect to Wi-Fi
  16. Business email compromise incidents
  17. How organizations can best protect themselves against cyberattacks
  18. Thieves suck millions out of Mexican banks in transfer heist

For the more technical

  1. DHCP client script code execution vulnerability
  2. What makes the DynoRoot bug unique?
  3. Emails encrypted with OpenPGP, S/MIME vulnerable to new attacks (PDF)
  4. A new Spectre attack can even reveal firmware secrets
  5. Security flaw impacts Electron-based apps
  6. Signal-desktop HTML tag injectionvariant 2
  7. Adobe releases critical security updates for Acrobat and Reader
  8. Double zero-day vulnerabilities fused into one
  9. CVE-2018-8174 and forcing Internet Explorer exploits
  10. Binary SMS – the old backdoor to your new thing
  11. Severe DoS flaw discovered in Siemens SIMATIC PLCs + additional information
  12. Multiple vulnerabilities closed in Advantech WebAccess
  13. DrayTek router zero-day under attack
  14. ZipperDown vulnerability may impact 10% of all iOS apps
  15. A police breathalyzer can produce incorrect breath test results
  16. Cryptocurrency mining malware found in Ubuntu Snap Store
  17. MEWKit: cryptotheft’s newest weapon (PDF)
  18. TeleGrab – grizzly attacks on secure messaging
  19. Malicious Powershell targeting UK bank customers
  20. SynAck targeted ransomware uses the Doppelgänging technique
  21. StalinLocker deletes your files unless you enter the right code
  22. A deep dive into RIG Exploit Kit delivering Grobios trojanadditional information
  23. IT threat evolution Q1 2018
  24. Malicious apps persistently appearing on Google Play and using Google icons
  25. The rise and fall of Scan4You (PDF)
  26. Hacking train passenger Wi-Fi
  27. New DDoS attack method demands a fresh approach to amplification assault mitigation
  28. Amplification DDoS in 2018
  29. Detecting and mitigating DoS and DDoS attacks on the cloud
  30. Taking over all domains of a TLD for just $150
  31. Hacking iLO – take a moment to secure your servers
  32. AWS CloudFront sub-domain hijack
  33. How Azure services are commonly breached
  34. Accessing Google account data without a password
  35. Introducing Team Foundation Server decryption tool
  36. reCAPTCHA v3 will detect if you’re human without annoying interactive challenges
  37. Detecting cloned cards at the ATM

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *