- [XMCO]Des attaquants exploitent activement une vulnérabilité affectant Confluence pour déployer le ransomware Gandcrab
- [FireEye]TRITON Actor TTP Profile, Custom Attack Tools, Detections, and
ATT&CK Mapping
- [Sophos]NSA asks to end mass phone surveillance
- [kreb]P2P Weakness Exposes Millions of IoT Devices
- [Trend]AESDDoS Botnet Malware Exploits CVE-2019-3396 to Perform Remote Code Execution, DDoS Attacks, and Cryptocurrency Mining
- [Sophos]Fingerprint glitch in passports swapped left and right hands
- [Sophos]Microsoft drops password expiration from Windows 10 security
- [Sophos]Cops can try suspect’s fingers on locked iPhones found at crime scene
- [Eset]Week in security with Tony Anscombe
- [FireEye]CARBANAK Week Part Three: Behind the CARBANAK Backdoor
- [SecList]Operation ShadowHammer: a high-profile supply chain attack
- [FireEye]CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis
- [FireEye]CARBANAK Week Part One: A Rare Occurrence
- [SecList]New zero-day vulnerability CVE-2019-0859 in win32k.sys
- [Eset]BEC fraud losses almost doubled last year
- [SecList]Large-scale SIM swap fraud
- [SecList]Gaza Cybergang Group1, operation SneakyPastes
- [SecList]Project TajMahal – a sophisticated new APT framework
- [Sophos]ExtraPulsar backdoor based on leaked NSA code – what you need to know
- [SecList]Digital Doppelgangers
- [Sophos]Blochainbandit stole $54 million of Ethereum by guessing weak keys
- [SecList]BasBanke: Trend-setting Brazilian banking Trojan
- [Trend]Emotet Adds New Evasion Technique and Uses Connected Devices as Proxy C&C Servers
- [Sophos]Atlanta Hawks fall prey to Magecart credit card skimming group
- [SecList]Roaming Mantis, part IV
- [Sophos]Teen sues Apple for $1 billion over Apple stores’ facial recognition
- [SecList]Beware of stalkerware
- [Eset]Over 23 million breached accounts used ‘123456’ as password
- [FireEye]CARBANAK Week Part Four: The CARBANAK Desktop Video Player
- [SecList]Game of Threats
- [FireEye]CARBANAK Week Part Three: Behind the CARBANAK Backdoor
- [FireEye]CARBANAK Week Part Three: Behind the CARBANAK Backdoor
- [FireEye]CARBANAK Week Part Three: Behind the CARBANAK Backdoor
- [FireEye]CARBANAK Week Part One: A Rare Occurrence
- [Sophos]Ex-student records himself using USB Killer to fry college computers
- [Trend]Uncovering CVE-2019-0232: A Remote Code Execution Vulnerability in Apache Tomcat
- [Sophos]NYPD forgets to redact facial recognition docs, asks for them back
- [Sophos]Gunpoint domain hijack turns out to have been a family affair
- [Sophos]DNS over HTTPS is coming whether ISPs and governments like it or not
- [Eset]WannaCryptor ‘accidental hero’ pleads guilty to malware charges
- [FireEye]CARBANAK Week Part One: A Rare Occurrence
- [FireEye]CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis
- [Sophos]Phone fingerprint scanner fooled by chewing gum packet
- [AVAST]Adware Plagues Google Play Store | Avast
- [Sophos]Hotspot finder app blabs 2 million Wi-Fi network passwords
- [Sophos]Once again, it’s 123456: the password that says ‘I give up’
- [Trend]Analysis: Abuse of Custom Actions in Windows Installer MSI to Run Malicious JavaScript, VBScript, and PowerShell Scripts
- [SecList]Operation ShadowHammer: a high-profile supply chain attack
- [Sophos]Tuesday review – the hot 21 stories of the week
- [kreb]Who’s Behind the RevCode WebMonitor RAT?