IT Security Weekend Catch Up – May 23, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Announcing HackerOne’s FedRAMP authorization
  2. Hacker leaks 40 million user records from popular Wishbone app
  3. Chinese hackers suspected of stealing details of 9 million EasyJet customers
  4. Japan suspects missile data leak in Mitsubishi cyberattack
  5. Israel behind cyberattack that caused ‘total disarray’ at Iran port
  6. Xbox and Windows NT 3.5 source code leaks online
  7. EU Parliament says sensitive data of 1,200 officials left exposed on web
  8. Dutch spies helped Britain’s GCHQ break Argentine crypto during Falklands War
  9. Espionage or journalism? After the Snowden NSA leaks
  10. Introducing BotSight: A new tool to detect bots on Twitter in real-time
  11. Hackers preparing to launch ransomware attacks against hospitals arrested in Romania

For the more technical

  1. More intuitive privacy and security controls in Chrome
  2. The best antiviruses 2020 for business and home to protect Windows 10
  3. QNAP pre-auth root RCE affecting ~312K devices on the Internet
  4. 15 years later: Remote Code Execution in qmail (CVE-2005-1513)
  5. Abusing WebRTC to reveal coarse location data in Signal
  6. BIAS: Bluetooth Impersonation AttackS
  7. NXNSAttack: Recursive DNS inefficiencies and vulnerabilities (PDF)
  8. GhostDNS source code leaked
  9. Researchers divulge details on five Windows zero days
  10. Microsoft removes malicious extensions from Edge Add-ons Store
  11. WolfRAT – a new Android malware based on a leak of the DenDroid malware family
  12. In depth analysis of Lazarus validator
  13. Asnarök attackers twice modified attack midstream
  14. Ragnar Locker ransomware deploys virtual machine to dodge security
  15. ATT&CKing ProLock Ransomware
  16. IT threat evolution Q1 2020 + statistics
  17. Academic data centers abused for crypto currency mining
  18. Counter Threat Unit researchers publish threat group definitions
  19. Iranian Chafer APT targeted air transportation and government in Kuwait and Saudi Arabia
  20. RATicate: an attacker’s waves of information-stealing malware
  21. No “Game over” for the Winnti group
  22. Vigilante hackers target ‘scammers’ with ransomware, DDoS attacks
  23. The unattributable “db8151dd” data breach
  24. Epic Games ignored epic subdomain takeover on their authentication domain, promoted $1 million bounty to address user complaints

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *