IT Security Weekend Catch Up – October 20, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. China’s new cybersecurity program: No place to hide
  2. ‘Disproportionate’ sentence for Israeli-American after Russian request to release hacker denied
  3. M6, one of France’s biggest TV channels, hit by ransomware
  4. Feds bust one of the dark web’s biggest child porn sites thanks to tremendously bad opsec
  5. Inside the shutdown of the ‘world’s largest’ child sex abuse website
  6. Chainalysis in action: DOJ announces shutdown of largest child pornography website
  7. How a massive Facebook scam siphoned millions of dollars from unsuspecting boomers

For the more technical

  1. Oracle Critical Patch Update Advisory – October 2019
  2. Multiple remote code execution bugs in NitroPDF
  3. Checkrain fake iOS jailbreak leads to click fraud
  4. Vulnerability root cause analysis with time travel debugging
  5. Adobe patches over 80 vulnerabilities in three products
  6. Bypass McAfee with McAfee
  7. CVE-2019-17059: Preauth-RCE in Sophos’ Cyberoam explained
  8. “BriansClub” hack rescues 26m stolen cards
  9. When card shops play dirty, consumers win
  10. China’s Study the Great Nation app ‘enables spying via back door’ (PDF)
  11. Building China’s Comac C919 airplane involved a lot of hacking, report says (PDF)
  12. The untold story of the 2018 Olympics cyberattack, the most deceptive hack in history
  13. Connecting the dots: Exposing the arsenal and methods of the Winnti Group (PDF)
  14. APT trends report Q3 2019
  15. Operation Ghost: The Dukes aren’t back – they never left (PDF)
  16. LOWKEY: Hunting for the missing volume serial ID
  17. TA505 distributes new SDBbot remote access trojan with Get2 downloader
  18. IoT: a malware story
  19. Malicious payloads – hiding beneath the WAV
  20. Fake photo beautification apps on Google Play can read SMS verification code
  21. NanoCore under the microscope
  22. Digital “Pharmacusa”: Complexity of underground syndicates behind 2019 rise of targeted ransomware
  23. Emsisoft releases new decryptor for STOP Djvu ransomware
  24. Phishing e-mail spoofing SPF-enabled domain
  25. Darknet shoppers swindled out of bitcoins via trojanized Tor Browser
  26. Hardening Firefox against injection attacks
  27. Germany’s cyber-security agency recommends Firefox as most secure browser
  28. Improving site isolation for stronger browser security
  29. New version of OnionShare makes it easy for anyone to publish anonymous, uncensorable websites
  30. A beginner’s guide to flight tracking
  31. Guarding against supply chain attacks: The big picture
  32. How our security team handle secrets

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *