IT Security Weekend Catch Up – October 25, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Google meddling with URLs in emails, causing security concerns
  2. German Cabinet plans to give intel agencies access to messenger apps
  3. The police can probably break into your phone
  4. NSS Labs shuttered
  5. Edward Snowden gets permanent residency in Russia
  6. Russia’s clandestine chemical weapons programme and the GRU’s unit 29155
  7. Ransomware gang donates part of ransom demands to charity organizations
  8. Barnes & Noble hit by Egregor ransomware, strange data leaked
  9. How a secretive phone company helped the crime world go dark

For the more technical

  1. Oracle Critical Patch Update Advisory – October 2020
  2. Microsoft addresses RCE bugs in Windows Codecs Library and Visual Studio Code
  3. Waze: How I tracked your mother
  4. XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability
  5. WordPress deploys forced security update for dangerous bug in popular plugin
  6. Loginizer before 1.6.4 SQLi injection
  7. Multiple mobile browser address bar spoofing vulnerabilities
  8. Discord Desktop app RCE
  9. T-RAT 2.0: Malware control via smartphone
  10. Chinese state-sponsored actors exploit publicly known vulnerabilities (PDF)
  11. Ryuk in 5 hours
  12. Raccine: A simple ransomware protection
  13. Life of Maze ransomware
  14. An update on disruption of Trickbot
  15. Wizard Spider update: Resilient, reactive and resolute
  16. Emotet malware now wants you to upgrade Microsoft Word
  17. LockBit uses automated attack tools to identify tasty targets
  18. Hackers now abuse BaseCamp for free malware hosting
  19. GravityRAT: The spy returns
  20. MuddyWater’s offensive attack against Israeli organizations (PDF)
  21. US indicts Sandworm, Russia’s most destructive cyberwar unit
  22. Russian state-sponsored advanced persistent threat actor compromises U.S. government targets
  23. Industry alert pins state, local government hacking on suspected Russian group
  24. Looking into the eye of the Interplanetary Storm (PDF)
  25. CrimeOps of the KashmirBlack botnet – Part I & II
  26. The OSINT Handbook 2020 (PDF)
  27. Introducing Microsoft Edge preview builds for Linux

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *