IT Security Weekend Catch Up – September 29, 2018

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Scottish beer firm becomes victim of sophisticated ransomware attack
  2. Microsoft automatically installs six bloatware apps onto every Windows 10 PC
  3. How much are stolen frequent flyer miles worth on the dark web?
  4. United Nations accidentally exposed passwords and sensitive information to the whole Internet
  5. COI on SingHealth cyber attack: Hackers searched for PM Lee’s records using his NRIC number
  6. NSA coder jailed for smuggling secrets that wound up in Russian hands
  7. Hacker linked to Target data breach gets 14 years in prison
  8. When a refugee camp becomes an innovation incubator

For the more technical

  1. New CVE-2018-8373 exploit spotted
  2. Facebook discovered ‘security issue’ affecting 50 million accounts
  3. Credential leak flaws in Windows PureVPN client
  4. Bypassing Duo two-factor authentication
  5. The latest Bitcoin bug was so bad, developers kept its full details a secret
  6. A cache invalidation bug in Linux memory management
  7. Outrunning attackers on the Jet Database Engine 0day
  8. The known_hosts file can help Red Teams
  9. Password managers can be tricked into believing that malicious Android apps are legitimate
  10. Banking trojan found on Google Play stole 10,000 Euros from victims
  11. Cryptojacking apps return to Google Play Market
  12. USB threats from malware to miners
  13. One Emotet infection leads to three follow-up malware infections
  14. VPNFilter: More tools for the Swiss army knife of malware
  15. First UEFI rootkit found in the wild, courtesy of the Sednit group
  16. Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV
  17. Deep analysis of a driver-based MITM malware: iTranslator
  18. The ‘Gazorp’ Dark Web Azorult builder
  19. How the Dridex gang makes millions from bespoke ransomware
  20. Adwind dodges AV via DDE
  21. Hide and Seek IoT botnet uses ADB over Internet to exploit thousands of Android devices
  22. Torii botnet – not another Mirai variant
  23. Cyber attacks on colleges and universities: who, when and why?
  24. Ghostbuster: Detecting the presence of hidden eavesdroppers (PDF)
  25. Secret Service warns of surge in ATM ‘wiretapping’ attacks
  26. How to protect your data from Magecart and other e-commerce attacks
  27. Release 2.1.1 Mimikatz
  28. Introducing the Librem Key
  29. Mozilla rolls out recovery key option for Firefox accounts
  30. Password tips from a pen tester

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *