Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Warning over Chinese mobile giant Xiaomi recording millions of people’s ‘private’ web and phone use
- NSO employee abused phone hacking tech to target a love interest
- South Korean and US payment card details worth nearly $2M up for sale in the underground
For the more technical
- Stealing your SMS messages with iOS 0day
- The Android patch ecosystem – Still fragmented, but improving
- Fuzzing ImageIO
- Beware of the GIF: Account takeover vulnerability in Microsoft Teams
- The chronicles of Fortinet’s CVE-2020–9294
- Critical GitLab flaw earns bounty hunter $20K
- GDPR.EU has a data leakage issue
- Oracle warns of attacks against recently patched WebLogic security bug
- Fixing SQL injection vulnerability and malicious code execution in XG Firewall/SFOS
- “Asnarök” Trojan targets firewalls
- First seen in the wild – mobile as attack vector using MDM
- The end of Dreambot? Obituary for a loved piece of Gozi
- Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
- Lucy’s back: Ransomware goes mobile
- Shade threat actors call it quits, release 750K encryption keys
- Grandoreiro: How engorged can an EXE get?
- Hiding in plain sight: PhantomLance walks into a market
- 30,000 percent increase in COVID-19-themed attacks
- Remote spring: the rise of RDP bruteforce attacks
- APT trends report Q1 2020
- Threat landscape for industrial automation systems. 2019 Report at a glance
- Cyber attack targets Israel’s water supply
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.