Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Facebook teams with rightwing Daily Caller in factchecking program
- Wikileaks co-founder jailed over bail breach + more information
- Chinese dev jailed and fined for posting DJI’s private keys on GitHub
- Man who allegedly leaked CIA hacking tools says he’s been tortured and is owed $50 billion
- NSA recommends dropping controversial mass surveillance program, report says
- Rape victims among those to be asked to hand phones to police
- San Francisco considers banning facial recognition systems
- Wife of journalist slain in cartel-linked killing targeted with NSO Group’s spyware
- In first, Japan to develop computer virus to defend against cyberattacks
- Ransomware hits yet another U.S. airport
- Norsk Hydro expects cyber attack costs of up to $52 mln in Q1
- Hackers went undetected in Citrix’s internal network for six months
- Wipro breach update: Researchers reveal surprising new details
- Hackers steal and ransom financial data related to some of the world’s largest companies
- ‘Cyber event’ disrupted U.S. grid networks
- Hamburglar strikes again, feasts on $2,000 in meals using customer’s McDonald’s app
- Fraudster poses as Jason Statham to steal victim’s money
- Law enforcement seizes dark web market after moderator leaks backend credentials
- Data: E-retail hacks more lucrative than ever
- Streaming your own game gets you taken down as a pirate, thanks to NBC
- How one country blocks the world on data privacy
- How I became nearly untraceable on the web
- A programmer solved a 20-year-old, forgotten crypto puzzle
For the more technical
- Cisco patches critical vulnerability in data center switches
- D-Link camera vulnerability allows attackers to tap into the video stream
- Security cameras vulnerable to hijacking
- Vodafone found hidden backdoors in Huawei equipment
- Vulnerability fixes that make you go
- Facebook Messenger server random memory exposure through corrupted GIF image
- Exploiting Apache Solr through OpenCMS
- Remote code execution on most Dell computers
- Extracting ECDSA keys from Qualcomm’s TrustZone (PDF)
- Mysterious hacker has been selling Windows 0-days to APT groups for three years
- APT trends report Q1 2019
- The inception bar: a new phishing method
- Tech support scam employs new trick by using iframe to freeze browsers
- BadWPAD, DNS suffix and wpad.pl / wpadblocking.com case
- Public 10KBLAZE exploits may impact 90% of SAP production systems
- Internet of Planes: Hacking millionaires’ jet cabins
- Breaking Widevine content protection (DRM) on streaming websites
- Plugins added to malicious campaign
- Threat actors abuse GitHub service to host a variety of phishing kits
- Spoofing OpenPGP and S/MIME signatures in emails
- A mysterious hacker group is on a supply chain hijacking spree
- Microsoft Outlook email breach targeted cryptocurrency users
- Qakbot levels up with new obfuscation techniques
- Buhtrap backdoor and ransomware distributed via major advertising platform
- “MegaCortex” ransomware wants to be The One
- Sodinokibi ransomware exploits WebLogic Server vulnerability
- Zero-day attackers deliver a double dose of ransomware—no clicking required
- Port scanning, spoofing & blacklists
- Pillaging passwords from service accounts
- Forensics: Active Directory ACL investigation
- Why you shouldn’t use a password manager for your Linode account
- Building a passive IMSI catcher
- Android App Reverse Engineering 101
- GrapheneOS – an Android-based, security-hardened, open source operating system
- ProtonMail now offers elliptic curve cryptography for advanced security and faster speeds
- An open source checklist of resources designed to improve your online privacy and security
- Learn how identifiable you are on the Internet
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
One thought on “IT Security Weekend Catch Up – May 4, 2019”