IT Security Weekend Catch Up – November 17, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [VIDEO] Hacker breaks down 26 hacking scenes from movies & TV
  2. US suspects St. Petersburg hacker arrested in Bulgaria of cyber fraud at $7mln
  3. Hacking Team hacker Phineas Fisher has gotten away with it
  4. How hackers sell luxury hotel rooms for next to nothing
  5. Shady data brokers are selling online dating profiles by the millions
  6. Hacker say they compromised ProtonMail. ProtonMail says it’s BS
  7. A leaky database of SMS text messages exposed password resets and two-factor codes
  8. That domain you forgot to renew? Yeah, it’s now stealing credit cards
  9. Dark side of Nintendo Switch piracy
  10. Up to three million kids’ GPS watches can be tracked by parents… and any miscreant
  11. Impact assessment shows privacy risks Microsoft Office ProPlus Enterprise
  12. Meeting Kosovo’s clickbait merchants
  13. Man pleads guilty in fatal swatting case, faces 20+ years in prison
  14. Support wouldn’t change his password, so he mailed them a bomb

For the more technical

  1. November 2018 Microsoft Patch Tuesday
  2. The evolution of Microsoft Threat Protection, November update
  3. What’s new in Windows Defender ATP
  4. A new exploit for zero-day vulnerability CVE-2018-8589
  5. UAC bypass by mocking trusted directories
  6. Inserted malicious URLs within Office documents’ embedded videos
  7. SUSE SMT: A tale of three CVEs
  8. WordPress GDPR plugin inadvertently exposed sites to hackers
  9. Patched Facebook vulnerability could have exposed private information
  10. Old school ‘sniffing’ attacks can still reveal your browsing history
  11. Tracking and snooping on a million kids
  12. Spectre, Meltdown researchers unveil 7 more speculative execution attacks (PDF)
  13. DJI drone vulnerability
  14. The Intel Microcode Boot Loader protects older CPUs from Spectre
  15. Web vulnerabilities in Siemens SIMATIC operator panels
  16. Vulnerabilities in Siemens industrial products
  17. Authentication bypass vulnerability in D-Link DIR-850L wireless router
  18. Botnet pwns 100,000 routers using ancient security flaw + more information
  19. FASTCash: How the Lazarus group is emptying millions from ATMs
  20. Inside Magecart: Comprehensive report on the assault on e-commerce
  21. Merchants struggle with MageCart reinfections
  22. Examining Emotet’s activities, infrastructure
  23. Emotet infection with IcedID banking trojan
  24. What’s new in TrickBot? Deobfuscating elements
  25. Cryptocurrency-mining malware targets Linux systems, uses rootkit for stealth
  26. Targeted ransomware attacks – SophosLabs 2019 Threat Report
  27. tRat: New modular RAT appears in multiple email campaigns
  28. The White Company: Inside the Operation Shaheen espionage campaign
  29. Chinese threat actor targets UK-based engineering company using Russian APT techniques
  30. Europol report on Internet organised crime threat assessment (in brief)
  31. Spear phishing attack on GOV in Poland
  32. Phishing emails with .COM extensions are hitting finance departments
  33. Hacking Gmail’s UX with from fields
  34. Clickjacking on Google MyAccount worth 7,500$
  35. How a Nigerian ISP accidentally knocked Google offline
  36. The rise of multivector DDoS attacks
  37. The Big List of Naughty Strings
  38. Recent flow watermarking techniques for detection of Tor hidden services
  39. Bitwarden completes third-party security audit
  40. Combating potentially harmful applications with machine learning at Google
  41. iMessage security, encryption and attachments
  42. Messages in iCloud: How to extract full content

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *