Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- After 6 years in exile, Edward Snowden explains himself
- United States files civil lawsuit against Edward Snowden
- The mysterious death of the hacker who turned in Chelsea Manning
- This company built a private surveillance network. We tracked someone with it
- Documents reveal how Russia taps phone companies for surveillance
- Scotiabank slammed for ‘muppet-grade security’ after internal source code and credentials spill onto open internet
- Banks, arbitrary password restrictions and why they don’t matter
- Busted: $10 million tech support scam that preyed on the elderly
- Before he spammed you, this sly prince stalked your mailbox
- FedEx execs: We had no idea cyberattack would be so bad. Investors: Is that why you sold $40m+ of your own shares?
- Giant Entercom radio network deals with ransomware-like incident
For the more technical
- 2019 CWE Top 25 Most Dangerous Software Errors
- LastPass bug leaks credentials from previous site
- How two dead accounts allowed REMOTE CRASH of any Instagram android user
- Thousands of Google Calendars possibly leaking private information online
- Two widely used ad blocker extensions for Chrome caught in ad fraud scheme + more information
- WhatsApp ‘Delete for everyone’ doesn’t delete media files sent to iPhone users
- Researcher drops phpMyAdmin zero-day affecting all versions
- Critical vulnerability in Harbor enables privilege escalation from zero to admin (CVE-2019-16097)
- Multiple Advantech WebAccess vulnerabilities
- Security vulnerabilities in network accessible services
- HP printers try to send data back to HP about your devices and what you print
- Information exposure from consumer IoT devices (PDF)
- Is this your webcam? You’re being watched
- Threat landscape for smart buildings
- Ecuadorian breach reveals sensitive personal data
- Confidential patient data freely accessible on the internet (PDF)
- New DDoS vector observed in the Wild: WSD attacks hitting 35/Gbps
- Magecart skimming attack targets mobile users of hotel chain booking websites
- Gootkit malware crew left their database exposed online without a password
- Emotet trojan evolves since being reawakend, here is what we know + more information
- Mac malware that spoofs trading app steals user information, uploads it to website
- The legend of Adwind: A commodity RAT saga in eight parts
- InnfiRAT: A new RAT aiming for your cryptocurrency and more
- The massive propagation of the Smominru botnet
- TFlower ransomware – the latest attack targeting businesses
- Encrypted sextortion PDFs
- How Google adopted BeyondCorp – tiered access
- The Air Force will let hackers try to hijack an orbiting satellite
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.