IT Security Weekend Catch Up – October 23, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Mark Zuckerberg has been added to a DC lawsuit over the Cambridge Analytica scandal
  2. Fake YouTube Apple event stream draws 30k viewers before turning into crypto scam
  3. Hacker steals government ID database for Argentina’s entire population
  4. Fraudsters cloned company director’s voice in $35 million bank heist, police find
  5. Hacker defaces Donald Trump’s website
  6. Acer hacked twice in a week by the same threat actor
  7. Zerodium wants zero-day exploits for Windows VPN clients
  8. Two individuals sentenced for providing “bulletproof hosting” for cybercriminals
  9. Facebook sues Ukrainian who scraped the data of 178 million users
  10. Governments turn tables on ransomware gang REvil by pushing it offline
  11. Hospital attack ‘purely financial,’ likely by Chinese group

For the more technical

  1. Exploit kit adds rare Chrome browser attack chain
  2. Windows 10, iOS 15, Ubuntu, Chrome fall at China’s Tianfu hacking contest
  3. CVE-2021-42299: TPM Carte Blanche
  4. Disabling JavaScript won’t save you from fingerprinting
  5. Gummy Browsers: Targeted browser spoofing against state-of-the-art fingerprinting techniques (PDF)
  6. Credit card PINs can be guessed even when covering the ATM pad
  7. New SmashEx attack breaks Intel SGX enclaves
  8. Evaluating physical-layer BLE location tracking attacks on mobile devices (PDF)
  9. Cobalt Strike: Using known private keys to decrypt traffic
  10. Digitally-signed rootkits are back – A look at FiveSys and companions
  11. Trickbot rising — Gang doubles down on infection efforts to amass network footholds
  12. Trickbot module descriptions
  13. A decryptor for the ransomware BlackByte
  14. Karma ransomware – An emerging threat with a hint of Nemty pedigree
  15. TA505 ramps up activity, delivers new FlawedGrace variant
  16. Newly found npm malware mines cryptocurrency on Windows, Linux, macOS devices
  17. Shining a light on RedLine Stealer malware and identity data found in criminal shops
  18. Phishing campaign targets YouTube creators with cookie theft malware
  19. LightBasin: A roaming threat to telecommunications companies
  20. Russian-speaking cybercrime evolution: What changed from 2016 to 2021
  21. New espionage campaign targets South East Asia
  22. FIN7 recruits talent for push into ransomware

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *