IT Security Weekend Catch Up – October 3, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Big tech firms may be handing Hong Kong user data to China
  2. Ontario police used COVID-19 database illegally, civil rights groups find
  3. YouTube will use artificial intelligence to decide if videos are safe for kids
  4. United States obtains final judgment and permanent injunction against Edward Snowden
  5. The European Union wants to force OEMs to let users uninstall bloatware
  6. The EU wants to limit which apps Apple and Google pre-install on your phone
  7. CMA CGM confirms cyber attack
  8. Healthcare giant UHS hit by ransomware attack
  9. Hackers leak files stolen in Pakistan’s K-Electric ransomware attack

For the more technical

  1. Cisco IOS XR software DVMRP memory exhaustion vulnerabilities
  2. Java RMI for pentesters: structure, recon and communication (non-JMX Registries)
  3. GitHub: Code scanning is now available
  4. Microsoft Exchange 2010 end of support and overall patching study
  5. If you’re running HP Device Manager, anyone on your network can get admin on your server via backdoor
  6. Critical vulnerabilities in leading industrial remote access software solutions
  7. You can bypass TikTok’s MFA by logging in via a browser
  8. How a Chinese malware gang defrauded Facebook users of $4 million
  9. The Emerald Connection: EquationGroup collaboration with Stuxnet
  10. Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints
  11. TA2552 uses OAuth access token phishing to exploit read-only risks
  12. Microsoft Digital Defense Report, September 2020
  13. Ransomware gangs add DDoS attacks to their extortion arsenal
  14. Your best defense against ransomware: Find the early warning signs
  15. Attacks aimed at disrupting the Trickbot botnet
  16. APT‑C‑23 group evolves its Android spyware
  17. Joker playing hide-and-seek with Google Play

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *