IT Security Weekend Catch Up – October 5, 2019

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [VIDEO] Why NSA whistleblower Edward Snowden risked his life to expose surveillance state
  2. Spain security firm probed ‘for spying on Assange for CIA’
  3. Meet Candiru – the mysterious mercenaries hacking Apple and Microsoft PCs for profit
  4. Legit-looking iPhone lightning cables that hack you will be mass produced and sold
  5. Amazon and Apple are quietly building networks that know the location of everything
  6. Facebook is being asked to give access to encrypted messages
  7. Former Yahoo engineer pleads guilty to hacking user emails in search for porn
  8. Zendesk breach hits 10,000 corporate accounts
  9. Comodo forums breached, data of over 170,000 users up for grabs
  10. Ransomware forces 3 hospitals to turn away all but the most critical patients
  11. Dutch police take down hornets’ nest of DDoS botnets
  12. German cops raid “Cyberbunker 2.0,” arrest 7 in child porn, dark web market sting

For the more technical

  1. New PDFex attack can exfiltrate data from encrypted PDF files (PDF)
  2. MMD-0064-2019 – Linux/AirDropBot
  3. New SIM attacks de-mystified, protection tools now available + more information
  4. WebEx, Zoom meetings exposed to snooping via enumeration attacks
  5. How a double-free bug in WhatsApp turns to RCE
  6. Attackers exploit 0-day vulnerability that gives full control of Android phones
  7. An exploration of apps’ circumvention of the Android permissions system
  8. Understanding Android VoIP security:A system-level vulnerability assessment (PDF)
  9. Signal: Incoming call can be connected without user interaction
  10. Exploiting Tinder to get paid features for free
  11. Webkit zero-day exploit besieges Mac and iOS users with malvertising redirects
  12. ‘Fleeceware’ Play store apps quietly charging up to $250
  13. HELO Winnti: Attack or scan?
  14. New ‘Gucci’ IoT botnet targets Europe
  15. Recent cyberattacks require us all to be vigilant
  16. New Adwind campaign targets US petroleum industry
  17. Threat landscape for industrial automation systems, H1 2019
  18. Avivore – hunting global aerospace through the supply chain
  19. Magecart Group 4: A link with Cobalt Group?
  20. Pulling back the curtain on a banking botnet (PDF)
  21. Casbaneiro: Dangerous cooking with a secret ingredient
  22. The eye on the Nile
  23. BEC actors compromise vendor accounts to target organizations via invoice wire fraud (PDF)
  24. Freedom Hosting 2: Forums
  25. Analysis and disclosure of the US Central Intelligence Agency network weapons database
  26. How bad actors hide their malicious code
  27. Four and a half Apple passwords
  28. How to extract screen time passcodes and voice memos from iCloud
  29. How to break into a Jeep when you don’t have a knife
  30. Cloudflare’s Warp VPN is now available to all
  31. Google Chrome: No more mixed messages about HTTPS

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *