Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- North Korean hacker crew steals $571M in cryptocurrency across 5 attacks
- Equifax engineer who designed breach portal gets 8 months of house arrest for insider trading
- Facebook eyes spammers for mega-breach
- How to irregular cyber warfare
- Israel’s cyber-spy industry helps world dictators hunt dissidents and gays
- Apple CEO is calling for Bloomberg to retract its Chinese spy chip story
For the more technical
- libssh have an authentication bypass vulnerability in the server code
- Patching, re-patching and meta-patching the Jet Database Engine RCE
- Oracle Critical Patch Update for October 2018
- Google’s Project Zero has again called Apple out for silently patching flaws
- Ghostscript sandbox escape
- Exploitation for the recent RCE in Git
- Security advisories for Drupal core
- DOM-XSS bug affecting Tinder, Shopify, Yelp, and more
- Remote Code Execution in Moxa ThingsPro IIoT
- Sony fixes PlayStation 4 bug that allowed message to crash consoles
- Linksys E Series multiple OS command injection vulnerabilities
- D-Link routers – full takeover
- VMware ESXi, Workstation, and Fusion updates address an out-of-bounds read vulnerability
- Octopus-infested seas of Central Asia
- VestaCP compromised in a new supply-chain attack
- Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox
- NSA-linked DarkPulsar exploit tool detailed
- “Big Star Labs” spyware campaign affects over 11,000,000 people
- Godzilla loader and the long tail of malware
- Mouse Underlaying: Global key and mouse listener based on an almost invisible window
- Analyzing Turla’s keylogger
- Shedding skin – Turla’s fresh faces
- The mysterious return of years-old chinese malware
- How we discovered a Ukranian cybercrime hotspot
- How to remove fileless malware
- VBA stomping – advanced maldoc techniques
- How Office 365 learned to reel in phish
- How I “found” the database of the Donald Daters App
- Researcher finds simple way of backdooring Windows PCs
- Building a Titan: Better security through a tiny chip
- Android Protected Confirmation: Taking transaction security to the next level
- Meet Helm, the startup taking on Gmail with a server that runs in your home
- Modernizing IDA Pro: How to make processor module glitches go away
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
hi, great info, found it very useful, but, what if you start some video tutorials like?