IT Security Weekend Catch Up – October 10, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Put your finger on the pulse of what’s new with the YubiKey Bio Series
  2. Crypto platform mistakenly gives $90M to users, asks for refund
  3. Twitch source code and business data leaked on 4chan + more information
  4. Government secretly orders Google to identify anyone who searched a sexual assault victim’s name, address and telephone number

For the more technical

  1. Android Security Bulletin – October 2021
  2. Actively exploited Apache 0-day also allows remote code execution
  3. The discovery of Gatekeeper bypass CVE-2021-1810
  4. Microsoft WPBT flaw lets hackers install rootkits on Windows devices
  5. Botnet abuses TP-Link routers for years in SMS messaging-as-a-service scheme
  6. Understanding how Facebook disappeared from the Internet
  7. UEFI threats moving to the ESP: Introducing ESPecter bootkit
  8. LANTENNA: Exfiltrating data from air-gapped networks via Ethernet cables (PDF)
  9. Misconfigured Airflows leak thousands of credentials from popular services
  10. FontOnLake: Previously unknown malware family targeting Linux
  11. Advanced Endpoint Protection: Ransomware protection test (PDF)
  12. Python ransomware script targets ESXi server for encryption
  13. AvosLocker ransomware gang to auction the data of victims who don’t pay
  14. Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack
  15. FIN12: The prolific ransomware intrusion threat actor that has aggressively pursued healthcare targets
  16. Operation GhostShell: Novel RAT targets global aerospace and telecoms firms
  17. Drawing a dragon: Connecting the dots to find APT41
  18. Google notifies 14,000 Gmail users of targeted APT28 attacks
  19. Text message scam infecting Android phones with FluBot
  20. The rise of one-time password interception bots

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *