IT Security Weekend Catch Up – September 5, 2020

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Cellphone hacking and millions in Gulf deals: Inner workings of top secret Israeli cyberattack firm revealed
  2. A Saudi prince’s attempt to silence critics on Twitter
  3. Covid is accelerating a global censorship crisis
  4. New steps to combat disinformation
  5. India bans PUBG Mobile, and over 100 other Chinese apps
  6. Google removes Android app that was used to spy on Belarusian protesters
  7. Education apps are sending your location data and personal info to advertisers
  8. U.S. court: Mass surveillance program exposed by Snowden was illegal
  9. Norwegian Parliament discloses cyber-attack on internal email system
  10. Twitter hack may have had another mastermind: A 16-year-old
  11. Russian national indicted for conspiracy to introduce malware into a computer network
  12. AlphaBay dark web marketplace moderator gets 11 years in prison
  13. San Jose man pleads guilty to damaging Cisco’s Network

For the more technical

  1. Operation PowerFall: CVE-2020-0986 and variants
  2. Microsoft Defender can be used to directly download a file from the internet
  3. Malicious npm package caught trying to steal sensitive Discord and browser files
  4. Cisco IOS XR software DVMRP memory exhaustion vulnerabilities
  5. Four vulnerabilities in Cisco Jabber
  6. Remote Code Execution in Slack desktop apps
  7. Takeover an account that doesn’t have a Shopify ID and more
  8. Exploits in the wild for vBulletin pre-auth RCE vulnerability CVE-2020-17496
  9. Critical zero-day vulnerability fixed in WordPress File Manager (700,000+ installations)
  10. Critical vulnerabilities discovered in MoFi routers
  11. In the wild QNAP NAS attacks
  12. IT threat evolution Q2 2020 + PC statistics + mobile statistics
  13. (Yet another one) CenturyLink BGP incident and the blinking Internet
  14. European ISPs report mysterious wave of DDoS attacks
  15. Cybersquatting: Attackers mimicking domains of major brands including Facebook, Apple, Amazon and Netflix to scam consumers
  16. Who is Pioneer Kitten?
  17. Charming Kitten campaign evolved and deploying spear-phishing link by WhatsApp (PDF)
  18. New web skimmer steals credit card data, sends to crooks via Telegram
  19. Warner Music discloses months-long web skimming incident
  20. KryptoCibule: The multitasking multicurrency cryptostealer
  21. NetWalker ransomware in 1 hour
  22. AV-TEST: 14 Android security apps put to an endurance test
  23. 6 new apps with Joker malware on Google Play
  24. Terracotta Android malware: A technical study
  25. Apple accidentally approved malware disguised as Flash
  26. What does your car know about you? We hacked a Chevy to find out
  27. On the uniqueness and reidentifiability of web browsing histories (PDF)
  28. The underground cybercrime economy of hacked Fortnite and gaming accounts
  29. “Alexa, who is the number one cybercriminal forum to rule them all?”
  30. Understanding the money laundering techniques that support large-scale cyber-heists (PDF)

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *