IT Security Weekend Catch Up – November 28, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Chinese president Xi Jinping pushes for global tracking system using QR codes
  2. China compromised F-35 subcontractor and forced expensive software system rewrite, academic tells MPs
  3. [VIDEO] The Beirut port explosions
  4. Last month’s power outage in the Mumbai Metropolitan Region was a sabotage
  5. IIoT chip maker Advantech hit by ransomware, $12.5 million ransom
  6. Manchester United working with infosec experts to ‘minimize ongoing IT disruption’ caused by ‘cyber attack’
  7. Ransomware hits largest US fertility network, patient data stolen
  8. Sophos notifies customers of data exposure after database misconfiguration
  9. Personal data of 16 million Brazilian COVID-19 patients exposed online
  10. A hacker is selling access to the email accounts of hundreds of C-level executives
  11. Apple’s head of security indicted in Santa Clara County CCW case
  12. Three arrested as INTERPOL, Group-IB and the Nigeria Police Force disrupt prolific cybercrime group
  13. Romanian duo arrested for running malware encryption service to bypass antivirus software
  14. Cryptomator roadmap late 2020
  15. Plan your route privately: DuckDuckGo now has driving & walking directions

For the more technical

  1. VMware releases fix for critical ESXi, Workstation vulnerability
  2. Windows RpcEptMapper service insecure registry permissions EoP
  3. Windows 7 and Server 2008 zero-day bug gets a free patch
  4. How to get root on Ubuntu 20.04 by pretending nobody’s /home
  5. Tor 0day: Uniquely tracking computers
  6. Malicious Microsoft Edge extensions targeting users in the wild
  7. Facebook Messenger for Android bug report
  8. Cross-Site-Scripting on www.tiktok.com and m.tiktok.com leading to Data Exfiltration
  9. Android apps leaking sensitive data found on Google Play with 6 million U.S. downloads
  10. Xbox bug could have allowed hackers to link gamer tags with players’ emails
  11. Passwords exposed for almost 50,000 vulnerable Fortinet VPNs
  12. Smart doorbells – delivering the security you expect?
  13. This Bluetooth attack can steal a Tesla Model X in minutes + more information
  14. Spying with your robot vacuum cleaner: Eavesdropping via Lidar sensors (PDF)
  15. [VIDEO] x33fcon Europe 2020
  16. GoDaddy employees used in attacks on multiple cryptocurrency services
  17. WordPress malware setting up SEO shops
  18. Spotify targeted in potential fraud scheme
  19. Spoofed FBI Internet domains pose cyber and disinformation risks
  20. TrickBot malware uses obfuscated Windows batch script to evade detection
  21. Stantinko’s proxy after your Apache server
  22. TA416 goes to ground and returns with a Golang PlugX malware loader
  23. How cybercriminals misuse and abuse AI and ML
  24. Botnets have been silently mass-scanning the internet for unsecured ENV files

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *