IT Security Weekend Catch Up – September 23, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Russian hackers may have tried to infiltrate World Anti-Doping Agency
  2. Russians planned attack on lab testing Salisbury nerve agent, Swiss say
  3. Russian hacker pleads guilty for role in Kelihos botnet
  4. Mirai botnet authors avoid jail time
  5. Greece U-Turns – now approves Mr. Bitcoin’s extradition to Russia
  6. After riches and jail, Belarusian ex-hacker’s life lesson? ‘Don’t steal from Americans. Ever’
  7. Bristol Airport working to restore full display system after cyber-attack
  8. You didn’t think the Sony saga was over, did you?
  9. Files with 42 million emails and passwords found on free hosting service
  10. State Department email breach exposed employees’ personal information
  11. GovPayNow.com leaks 14M+ records
  12. Hackers steal $60 million from Japanese crypto exchange Zaif
  13. California may ban terrible default passwords on connected devices
  14. Dark web drugs markets – more TripAdvisor than Amazon
  15. Amazon plants fake packages in delivery trucks to ‘trap’ drivers who are stealing
  16. NIST’s encryption standard has minimum $250 billion economic benefit
  17. Stung by hacks, the Democratic National Committee is switching from Android to iPhones

For the more technical

  1. [VIDEO] 4 common Node.js security issues inside NPM
  2. Microsoft’s Jet crash: Zero-day flaw drops after deadline passes + more information
  3. This Windows file may be secretly hoarding your passwords and emails
  4. A major bug in Bitcoin software could have crashed the currency + more information
  5. ProtonVPN, NordVPN patch Windows bug
  6. Security bulletin for Adobe Acrobat and Reader
  7. Dangerous vulnerabilities in Siemens industrial solutions
  8. Google’s Android team finds serious flaw in Honeywell devices
  9. Peekaboo critical vulnerability in NUUO network video recorder
  10. Authentication bypass vulnerability in Western Digital My Cloud
  11. Fake finance apps on Google Play target users from around the world
  12. Twitter: Fixing a bug in Account Activity API
  13. Local file inclusion at IKEA.com
  14. Playing with CloudGoat: Hacking AWS EC2 service for privilege escalation
  15. Pre-pwned AMI images in Amazon’s AWS public instance store
  16. Static analysis of client-side JavaScript for pen testers and bug bounty hunters
  17. Click2Gov: Targeting local government payment portals + more information
  18. Access to thousands of breached sites found on underground market
  19. Magecart strikes again: Newegg in the crosshairs + more information
  20. Threats posed by using RATs in ICS
  21. Inside a demo of NSO Group’s powerful iPhone malware
  22. Increased use of a Delphi Packer to evade malware classification
  23. DanaBot shifts its targeting to Europe, adds new features
  24. A look into the lifecycle of Brazilian financial malware
  25. Xbash combines botnet, ransomware, coinmining in worm that targets Linux and Windows
  26. GandCrab malware keeps a step ahead of network defenses
  27. Meet Black Rose Lucy, the latest Russian MaaS botnet
  28. Viro botnet ransomware breaks through
  29. Wannamine cryptominer that uses EternalBlue still active
  30. Cyber Threat Alliance releases cryptomining whitepaper (PDF)
  31. New trends in the world of IoT threats
  32. ICANN sets plan to reinforce internet DNS security
  33. Android and Google Play security rewards programs surpass $3M in payouts
  34. iOS 12 enhances USB Restricted Mode
  35. Introducing the Cloudflare Onion Service

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *