IT Security Weekend Catch Up – May 29, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. US soldiers expose nuclear weapons secrets via flashcard apps
  2. Oracle boasted that its software was used against U.S. protesters. Then it took the tech to China
  3. 10% of Brits had location tracked without permission for vaccine study
  4. Canada Post informs 44 large business customers of supplier data breach involving shipping information
  5. One of the biggest US insurance companies reportedly paid hackers $40 million ransom after a cyberattack
  6. Boss of ATM skimming syndicate arrested in Mexico
  7. Hungarian police busted an online forum of paedophiles
  8. Russian hacker sentenced to 30 months for running a website selling stolen, counterfeit and hacked accounts

For the more technical

  1. Introducing Firefox’s new Site Isolation security architecture
  2. M1RACLES – A covert channel vulnerability in the Apple Silicon “M1” chip
  3. About the security content of iOS 14.6 and iPadOS 14.6
  4. Mozilla Thunderbird was saving OpenPGP keys in plaintext after encryption snafu
  5. Updates on Chinese APT actors compromising Pulse Secure VPN devices
  6. Introducing Half-Double: New hammering technique for DRAM Rowhammer bug
  7. Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
  8. Falsifying and weaponizing certified PDFs
  9. Studying the manipulation ofsecurity headers in browser extensions (PDF)
  10. Getting a persistent shell on a 747 IFE
  11. Smart plugs sold for just over a tenner give hackers access to your home network
  12. The race to native code execution in PLCs
  13. Crimes of opportunity: Increasing frequency of low sophistication operational technology compromises
  14. NASA’s Cybersecurity Readiness (PDF)
  15. Pwned passwords, open source in the .NET Foundation and working with the FBI
  16. InvisiMole group resurfaces touting fresh toolset, Gamaredon partnership
  17. BazaFlix: BazaLoader fakes movie streaming service
  18. Tracking IcedID Servers with a few simple steps
  19. Evolution of JSWorm ransomware
  20. Docker honeypot reveals cryptojacking as most common cloud threat
  21. New sophisticated email-based attack from NOBELIUM
  22. Breaking down NOBELIUM’s latest early-stage toolset
  23. Suspected APT29 operation launches election fraud themed phishing campaigns
  24. Hackers posing as the United Nations hacked Uyghur muslims
  25. From wiper to ransomware – The evolution of Agrius (PDF)
  26. Attributing CryptoCore attacks against crypto exchanges to LAZARUS (North Korea)
  27. Investigating Hydra: Where cryptocurrency roads all lead to Russia and go dark

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *