IT Security Weekend Catch Up – November 26, 2016

Afraid of missing important security news during the week? We’re here to help! Every week we put all important security related news in one place, for your reading pleasure. Enjoy!

A bit less technical

  1. Russian propaganda influence on american elections
  2. Interview with stock hacker photos author
  3. Microsoft shares Windows 10 telemetry data with FireEye
  4. Darknet drug vendors opsec fails
  5. Bankers in Philippines charged for involvement in SWIFT fraud
  6. 178 money mules arrested
  7. ATMs in Europe targetted by hackers
  8. Bank phishing results in USD 2,6 mln theft
  9. The FBI Hacked Over 8,000 Computers In 120 Countries 
  10. EU’s new approach to regulating cryptography
  11. Twitter Fighting with Sexualised Images of Children
  12. Probably a second breach at NSA
  13. London Tube users tracked by WiFi device MAC address
  14. UK’s ThreeMobile customers database incident
  15. Popular Twitter accounts compromised by spammers

A bit more technical

  1. All videos from Black Hat USA 2016
  2. A Russian Trump fan is celebrating by hacking Google Analytics
  3. KeePass security audit results
  4. [PDF] curl audit report
  5. Securing domain controllers
  6. gstreamer FLIC decode vulnerability
  7. Incorrect fix for gstreamer FLIC decoder vulnerability
  8. New method for distributing malware through images
  9. Hacking Tesla with a malicious Android app: part 1, part 2
  10. Detailed analysis of Android N encryption
  11. Pixel security improvements
  12. Analysis of recent DDoS attacks on Russian banks
  13. Analysis of Ursnif campaign
  14. Soltra threat intelligence sharing tool saved by new owner
  15. 0day in specific regional software used in attacks in Asia
  16. Tropic Trooper APT campaign
  17. Forensic resources lists
  18. Exploit and malware in .HWP files
  19. 4 fatal flaws in deterministic password managers
  20. [PDF] Solid comparison of password managers
  21. [PDF] SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit
  22. TeleCrypt ransomware defeated
  23. Crysis ransomware decryption analysis
  24. Cerber ransomware encrypts databases
  25. Signal protocol specs now public domain
  26. Syscall Auditing at Scale
  27. NIST’s new password rules
  28. Interesting vulnerability in WordPress update server
  29. TP-link Device Debug Protocol (TDDP) Vulnerabilities
  30. Elevating privileges by environment variables expansion
  31. [PDF] Many Android VPNs are malicious
  32. Exfiltration of User Credentials using WLAN SSID
  33. Android malware analysis with Radare
  34. Sending Valid Phishing E-mails From Microsoft.com
  35. Windows 10 vs EMET analysis
  36. Flokibot analysis
  37. Gathering .onion addresses
  38. Tracking drivers with Bluetooth
  39. TimThumb vulnerability author’s confession
  40. Useful email obfuscation technique
  41. Ways to Brute Force WordPress 
  42. Generic VBA Instrumentation for Microsoft Office Documents
  43. [PDF] Reverse engineering Fitbit firmware
  44. CVE-2016-0176 analysis (Edge)
  45. [PDF] Classification of Side-Channel Attacks on Mobile Devices
  46. Major update – Sysmon 5.0
  47. Malware spreading on Facebook
  48. Analysis of Android banking malware app: part 1, part 2
  49. Next-gen vs traditional AV products – tests and comments
  50. [PDF] Analysis of secure external hard drives
  51. [PDF] Akamai State of the Internet Q3 report
  52. Uber bug bounty finds
  53. Fareit spam campaign analysis
  54. Wget Access List Bypass
  55. Research on unsecured Wi-Fi networks across the world
  56. Forensic Implications of iOS Lockdown (Pairing) Records

If you enjoyed this list and find it useful, subscribe to our feeds (RSS, Twitter, Facebook available) to find out when the new edition is posted next week.

Leave a Reply

Your email address will not be published. Required fields are marked *