IT Security Weekend Catch Up – November 1, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. China adopts law on cryptography
  2. 6 new MSPs and/or cloud-based service providers compromised by ransomware
  3. Cyber-attack hits Utah wind and solar energy provider
  4. Largest cyber-attack in Georgia’s history linked to hacked web hosting provider
  5. The Pirate Bay was recently down for over a week due to a DDoS attack
  6. I accidentally uncovered a nationwide scam on Airbnb
  7. 60 e-commerce fraudsters busted during international operation
  8. Biggest single card database ever on sale on dark net marketplace
  9. UniCredit reveals data breach exposing 3 million customer records
  10. Teens find circumventing Apple’s parental controls is child’s play

For the more technical

  1. Pwn2Own Miami – bringing ICS into the Pwn2Own world
  2. RouterOS: Chain to root
  3. On Halloween night, Google discloses Chrome zero-day exploited in the wild
  4. Vulnerability in EU cross-border authentication software (eIDAS Node)
  5. Unpatched Linux bug may open devices to serious attacks over Wi-Fi
  6. Bypassing authentication on SSH bastion hosts
  7. Security researcher gets access to all FurryTail pet feeders around the world
  8. A tale of exploitation in spreadsheet file conversions
  9. Stealing private keys from a secure file sharing service
  10. De-anonymization via clickjacking in 2019
  11. CertUtil Qualms: They came to drop FOMBs
  12. Steam-powered scammers
  13. Xhelper: Persistent Android dropper app infects 45K devices in past 6 months
  14. Dozens of apps still dodging Google’s vetting system
  15. The commoditization of mobile espionage software
  16. QSnatch – malware designed for QNAP NAS devices
  17. [VIDEO] WannaCry: The Marcus Hutchins story
  18. MESSAGETAP: Who’s reading your text messages?
  19. Russian hackers are still targeting the Olympics, three years on
  20. New cyberattacks targeting sporting and anti-doping organizations
  21. Russia-linked group likely used Iranian hacking tools, NSA says
  22. North Korean malware found on Indian nuclear plant’s network
  23. Calypso APT: new group attacking state institutions
  24. Microsoft announces Secured-core PCs to counter firmware attacks
  25. Microsoft Office encryption evolution: from Office 97 to Office 2019
  26. Analysis of Qualcomm secure boot chains
  27. KTRW: The journey to build a debuggable iPhone
  28. Test your YARA rules against a collection of goodware before releasing them in production

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *