Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- US soldiers expose nuclear weapons secrets via flashcard apps
- Oracle boasted that its software was used against U.S. protesters. Then it took the tech to China
- 10% of Brits had location tracked without permission for vaccine study
- Canada Post informs 44 large business customers of supplier data breach involving shipping information
- One of the biggest US insurance companies reportedly paid hackers $40 million ransom after a cyberattack
- Boss of ATM skimming syndicate arrested in Mexico
- Hungarian police busted an online forum of paedophiles
- Russian hacker sentenced to 30 months for running a website selling stolen, counterfeit and hacked accounts
For the more technical
- Introducing Firefox’s new Site Isolation security architecture
- M1RACLES – A covert channel vulnerability in the Apple Silicon “M1” chip
- About the security content of iOS 14.6 and iPadOS 14.6
- Mozilla Thunderbird was saving OpenPGP keys in plaintext after encryption snafu
- Updates on Chinese APT actors compromising Pulse Secure VPN devices
- Introducing Half-Double: New hammering technique for DRAM Rowhammer bug
- Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
- Falsifying and weaponizing certified PDFs
- Studying the manipulation of security headers in browser extensions (PDF)
- Getting a persistent shell on a 747 IFE
- Smart plugs sold for just over a tenner give hackers access to your home network
- The race to native code execution in PLCs
- Crimes of opportunity: Increasing frequency of low sophistication operational technology compromises
- NASA’s Cybersecurity Readiness (PDF)
- Pwned passwords, open source in the .NET Foundation and working with the FBI
- InvisiMole group resurfaces touting fresh toolset, Gamaredon partnership
- BazaFlix: BazaLoader fakes movie streaming service
- Tracking IcedID Servers with a few simple steps
- Evolution of JSWorm ransomware
- Docker honeypot reveals cryptojacking as most common cloud threat
- New sophisticated email-based attack from NOBELIUM
- Breaking down NOBELIUM’s latest early-stage toolset
- Suspected APT29 operation launches election fraud themed phishing campaigns
- Hackers posing as the United Nations hacked Uyghur Muslims
- From wiper to ransomware – The evolution of Agrius (PDF)
- Attributing CryptoCore attacks against crypto exchanges to LAZARUS (North Korea)
- Investigating Hydra: Where cryptocurrency roads all lead to Russia and go dark