IT Security Weekend Catch Up – May 5, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

We were gone for a few weeks, but since many of you have asked for a comeback, here it is. We’ll try to keep it alive!

For the less technical

  1. France seizes France.com from man who’s had it since ‘94, so he sues
  2. WhatsApp founder plans to leave after broad clashes with parent Facebook
  3. Twitter sold data access to Cambridge Analytica-linked researcher
  4. Cambridge Analytica closing after Facebook data harvesting scandal
  5. Facebook has fired multiple employees for snooping on users
  6. Amazon threatens to suspend Signal’s AWS account over censorship circumvention
  7. How a cyberwar looks like – and how it doesn’t
  8. NATO exercise tests skills of national cyber defenders
  9. Australia’s Biggest Bank Loses 20 Million Customer Records
  10. Mexico tells banks to take steps to guard against suspected hack
  11. When cops can’t convict a ‘top Mafia boss,’ they turn to desperate measures
  12. Hacker gets 87 months for trying to hack a friend free + more information
  13. The gambler who cracked the horse-racing code

For the more technical

  1. Sci-Hub ‘Pirate Bay for Science’ security certs revoked by Comodo
  2. North Korea’s SiliVaccine antivirus contains stolen Trend Micro engine
  3. Shhlack lets you encrypt Slack messages
  4. Improving the Advanced Protection Program for iOS users
  5. GitHub accidentally recorded some plaintext passwords in its internal logs
  6. Change your Twitter password right now
  7. Oracle Access Manager’s identity crisis
  8. Microsoft issues emergency patch for critical flaw in Windows containers + more information
  9. MMap vulnerabilities in the Linux kernel
  10. Further advancements in detecting kernel infoleaks with x86 emulation (PDF)
  11. Escalating privileges with CylancePROTECT
  12. Researches by Alex Ionescu: 1, 2, 3, 4 & 5 (PDF)
  13. 7-Zip: from uninitialized memory to remote code execution
  14. Critical Cisco WebEx bug allows remote code execution
  15. Exploiting CVE-2018-6789 in Exim
  16. A critical security flaw in popular industrial software put power plants at risk + technical description
  17. D-Link DCS-5020L day n’ night camera remote code execution walkthrough
  18. New hacking tool lets users access a bunch of DVRs and their video feeds
  19. Eight new Spectre variants affecting Intel chips discovered, four are “high risk”
  20. Critical RCE vulnerability found in over a million GPON home routers
  21. GLitch technique enrolls graphics cards in Rowhammer attacks on Android phones + additional information
  22. Industrial networks easy to hack from corporate systems (PDF)
  23. WebLogic exploited in the wild
  24. KRACK Wi-Fi vulnerability can expose medical devices, patient records
  25. An analysis of the Chimay-Red MicroTik exploit
  26. Ransomnix ransomware variant encrypts websites
  27. The Kitty malware targets Drupal to mine for cryptocurrency
  28. FacexWorm targets cryptocurrency trading platforms, abuses Facebook Messenger for propagation
  29. Somebody tried to hide a backdoor in a popular JavaScript npm package
  30. Lojack becomes a double-agent
  31. Chinese cyberspies appear to be preparing supply-chain attacks
  32. ZooPark – cyberespionage operation targets Android users in the Middle East (PDF)
  33. Internet Shortcut used in Necurs malspam campaign
  34. Google Maps open redirect flaw abused by scammers
  35. Google Inbox emails can be spoofed to fake the recipient
  36. Accessing Google account data without a password

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *