IT Security Weekend Catch Up – May 2, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Warning over Chinese mobile giant Xiaomi recording millions of people’s ‘private’ web and phone use
  2. NSO employee abused phone hacking tech to target a love interest
  3. South Korean and US payment card details worth nearly $2M up for sale in the underground

For the more technical

  1. Stealing your SMS messages with iOS 0day
  2. The Android patch ecosystem – Still fragmented, but improving
  3. Fuzzing ImageIO
  4. Beware of the GIF: Account takeover vulnerability in Microsoft Teams
  5. The chronicles of Fortinet’s CVE-2020–9294
  6. Critical GitLab flaw earns bounty hunter $20K
  7. GDPR.EU has a data leakage issue
  8. Oracle warns of attacks against recently patched WebLogic security bug
  9. Fixing SQL injection vulnerability and malicious code execution in XG Firewall/SFOS
  10. “Asnarök” Trojan targets firewalls
  11. First seen in the wild – mobile as attack vector using MDM
  12. The end of Dreambot? Obituary for a loved piece of Gozi
  13. Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
  14. Lucy’s back: Ransomware goes mobile
  15. Shade threat actors call it quits, release 750K encryption keys
  16. Grandoreiro: How engorged can an EXE get?
  17. Hiding in plain sight: PhantomLance walks into a market
  18. 30,000 percent increase in COVID-19-themed attacks
  19. Remote spring: the rise of RDP bruteforce attacks
  20. APT trends report Q1 2020
  21. Threat landscape for industrial automation systems. 2019 Report at a glance
  22. Cyber attack targets Israel’s water supply

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *