Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Facebook engineers admit they don’t know what they do with your data
- Russian propaganda spread on fake news sites
- This clever anti-censorship tool lets Russians read blocked news
- It’s time to get real about TikTok’s risks
- TikTok denies breach after hacker claims ‘2 billion data records’ stolen
- Samsung discloses data breach after July hack
- BlackCat ransomware claims attack on Italian energy agency
- US seizes WT1SHOP market selling credit cards, credentials, and IDs
For the more technical
- Google Chrome emergency update fixes new zero-day used in attacks
- Bug in CrowdStrike Falcon allows removal of security agent
- WordPress core – unauthenticated blind SSRF
- OptiFi program incident report
- Zyxel releases new NAS firmware to fix critical RCE vulnerability
- DeadBolt ransomware rears its head again, attacks QNAP devices
- Mirai variant MooBot targeting D-Link devices
- Lampion malware returns in phishing attacks abusing WeTransfer
- Good game, well played: an overview of gaming-related cyberthreats in 2022
- No honor among thieves – Prynt Stealer’s backdoor exposed
- Sharkbot is back in Google Play
- CodeRAT overview
- Shikitega – New stealthy malware targeting Linux
- EvilProxy phishing-as-a-service with MFA bypass emerged in dark web
- Threat landscape for industrial automation systems for H1 2022
- Ragnar Locker ransomware targeting the energy sector
- Lazarus and the tale of three RATs
- Worok: The big picture
- Initial access broker repurposing techniques in targeted attacks against Ukraine
- APT42: Crooked charms, cons, and compromises
- Profiling DEV-0270: PHOSPHORUS’ ransomware operations
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.