IT Security Weekend Catch Up – May 21, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. U.S. DOJ will no longer prosecute ethical hackers under CFAA
  2. Hacker and ransomware designer charged for use and sale of ransomware, and profit sharing arrangements with cybercriminals
  3. Three arrested in the Netherlands for ATM explosion spree in Germany
  4. National bank hit by ransomware trolls hackers with dick pics
  5. Top passwords used by business executives
  6. Bloomberg: Google is sharing our data at a startling scale

For the more technical

  1. Microsoft’s May patch tuesday updates cause Windows AD authentication errors
  2. The underrated bugs, clickjacking, CSS injection, drag-drop XSS, cookie bomb, login+logout CSRF…
  3. How to disable ad ID tracking on iOS and Android, and why you should do it now
  4. When wireless malware stays on after turning off iPhones (PDF)
  5. About the security content of iOS 15.5 and iPadOS 15.5
  6. Protecting Android users from 0-day attacks
  7. Kali Linux 2022.2 released with 10 new tools, WSL improvements, and more
  8. VMware patches critical auth bypass flaw in multiple products
  9. Lazarus group exploiting Log4Shell vulnerability (NukeSped)
  10. Millions of attacks target Tatsu Builder plugin
  11. Stack under attack: what we learned about handling DDoS attacks
  12. Radware mitigates 1.1Tbps DDoS attack
  13. New Bluetooth hack can unlock your Tesla—and all kinds of other devices
  14. Nozomi Networks discovers vulnerability in Siemens building automation software
  15. Fake mobile apps steal Facebook credentials, cryptocurrency-related keys
  16. RedLine stealer campaign using Binance Mystery Box videos to spread GitHub-hosted payload
  17. Vidar distributed through backdoored Windows 11 downloads and abusing Telegram
  18. New SYK crypter distributed via Discord
  19. UpdateAgent adapts again
  20. HTML attachments in phishing e-mails
  21. Over 380 000 open Kubernetes API servers
  22. Evaluation of cyber activities and the threat landscape in Ukraine
  23. Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
  24. Chaos ransomware variant sides with Russia
  25. Chinese ‘Space Pirates’ are hacking Russian aerospace firms
  26. Software updates strategies: a quantitative evaluation against Advanced Persistent Threats (PDF)
  27. Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
  28. Conti ransomware shuts down operation, rebrands into smaller units
  29. Wizard Spider in-depth analysis (PDF)

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *