IT Security Weekend Catch Up – October 3, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Former Apple engineer says the button on iPhones asking apps not to track you is a ‘dud’ that gives users a ‘false sense of privacy’
  2. Portpass app may have exposed hundreds of thousands of users’ personal data
  3. Facebook grew Marketplace to 1 billion users. Now scammers are using it to target people around the world
  4. Kidnapping, assassination and a London shoot-out: Inside the CIA’s secret war plans against WikiLeaks
  5. The Yahoo story about all the things CIA wasn’t allowed to do against WikiLeaks
  6. Snowden documents reveal scope of secrets exposed to China in 2001 spy plane incident
  7. WireX DDoS botnet admin charged for attacking hotel chain

For the more technical

  1. $8,000 bug bounty highlight: XSS to RCE in the Opera browser
  2. Hackers exploiting critical VMware vCenter CVE-2021-22005 bug
  3. How to steal money from victims’ contactless Apple Pay wallets (PDF)
  4. Hackers rob thousands of Coinbase customers using MFA flaw
  5. Fingerprinting Windows build numbers
  6. BloodyStealer and gaming assets for sale
  7. BluStealer: from SpyEx to ThunderFox
  8. A wolf in sheep’s clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus
  9. FinSpy: unseen findings
  10. FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
  11. Threat analysis report: Inside the destructive PYSA ransomware
  12. DarkHalo after SolarWinds: the Tomiris connection
  13. GhostEmperor: From ProxyLogon to kernel mode (PDF)
  14. Winter vivern – all summer
  15. 4 Chinese APT groups identified targeting mail server of Afghan telecommunications firm Roshan
  16. ERMAC – another Cerberus reborn
  17. GriftHorse Android trojan steals millions from over 10 million victims globally
  18. Selecting and hardening remote access VPN solutions (PDF)

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *