Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Put your finger on the pulse of what’s new with the YubiKey Bio Series
- Crypto platform mistakenly gives $90M to users, asks for refund
- Twitch source code and business data leaked on 4chan + more information
- Government secretly orders Google to identify anyone who searched a sexual assault victim’s name, address and telephone number
For the more technical
- Android Security Bulletin – October 2021
- Actively exploited Apache 0-day also allows remote code execution
- The discovery of Gatekeeper bypass CVE-2021-1810
- Microsoft WPBT flaw lets hackers install rootkits on Windows devices
- Botnet abuses TP-Link routers for years in SMS messaging-as-a-service scheme
- Understanding how Facebook disappeared from the Internet
- UEFI threats moving to the ESP: Introducing ESPecter bootkit
- LANTENNA: Exfiltrating data from air-gapped networks via Ethernet cables (PDF)
- Misconfigured Airflows leak thousands of credentials from popular services
- FontOnLake: Previously unknown malware family targeting Linux
- Advanced Endpoint Protection: Ransomware protection test (PDF)
- Python ransomware script targets ESXi server for encryption
- AvosLocker ransomware gang to auction the data of victims who don’t pay
- Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack
- FIN12: The prolific ransomware intrusion threat actor that has aggressively pursued healthcare targets
- Operation GhostShell: Novel RAT targets global aerospace and telecoms firms
- Drawing a dragon: Connecting the dots to find APT41
- Google notifies 14,000 Gmail users of targeted APT28 attacks
- Text message scam infecting Android phones with FluBot
- The rise of one-time password interception bots
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.