Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- A kompromat mystery. Collapsing the Austrian government with a video
- Kompromat of Solace: The operation to collect kompromat on the FPÖ
- Can a new anti-piracy system really defeat cinema “camming”?
- Game of Thrones piracy in Russia: 180,000 takedowns, mirror wars & capitulation
- Brave officially goes to war against Google
- Getting my personal data out of Facebook
- Hackers breach company that makes license plate readers for U.S. government
- Australian tech unicorn Canva suffers security breach
- Faulty database script brings Salesforce to its knees
- Multidimensional Bertrand Le Roy + fixing the weakest links
- Google stored G Suite users’ passwords in plain-text for 14 years
- First American Financial Corp. leaked hundreds of millions of title insurance records
- Hackers are holding Baltimore’s government computers hostage, and it’s not even close to over
- Google shut out Baltimore officials using Gmail after ransomware attack
- Political parties still have cybersecurity hygiene problems
- Snapchat employees abused data access to spy on users
- Behind Grindr’s doomed hookup in China, a data misstep and scramble to make up
- Legal threats make powerful phishing lures
- Laptop infected with world’s most dangerous malware up for sale
- 50 children rescued, 9 sex offenders arrested in international operation
- Why Eileen organised a hit on her already dead and beloved husband
- URL hacking to cheat Airlines
For the more technical
- The detailed analysis of WordPress 5.0 RCE
- BlueKeep Remote Desktop exploits are coming, patch now!
- Understanding the wormable RDP vulnerability CVE-2019-0708
- Windows 10 zero-day exploit code released online + more information
- SandboxEscaper drops three more Windows exploits, IE zero-day
- CVE-2019-11815: A cautionary tale about CVSS scores
- Thousands of vulnerable TP-Link routers at risk of remote hijack
- WD My Cloud RCE
- Investigating an odd DNS query
- Signature spoofing in Enigmail, once again
- Website for storing digital currencies hosted code with a sneaky backdoor
- SensorID – sensor calibration fingerprinting for smartphones
- Shooting rubber bands at firewalls
- A curious case of Malwarebytes
- BadWPAD wpad.software case and DNS threat hunting
- Uncovering Linux based cyberattack using Azure Security Center
- Abusing code signing for profit
- 16Shop: Commercial phishing kit has a hidden backdoor
- Fake cryptocurrency apps crop up on Google Play as bitcoin price rises
- JasperLoader targets Italy with a new bag of tricks
- Trickbot watch: Arrival via redirection URL in spam
- A journey to Zebrocy land
- Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
- New Mirai variant uses multiple exploits to target routers and other devices
- One year later: The VPNFilter catastrophe that wasn’t
- DDoS attacks in Q1 2019
- IT threat evolution Q1 2019
- Cyber intelligence report outlines best practices and biggest challenges
- Cybersecurity training and awareness: helpful resources for educators
- Privacy preserving ad click attribution for the web
- Love is in the air: Reverse engineering a shitty drone
- Reverse engineering the iClicker base station
- Even more secret Telegrams
- Using Shodan monitoring
- How (and why) to change your DNS server
- Building a basic honeypot
- Starting February 2020, DNS servers that don’t support DNS both over UDP and TCP may stop working
- Responding to a Business Email Compromise
- Introducing GopenPGP, an open source encryption library for native applications
- Mobile Chrome, Safari, and Firefox failed to show phishing warnings for more than a year
- Firefox 67 – privacy futures
- First official version of Tor Browser for Android released on the Play Store + more information
- Are you anonymous?
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.