From Security Weekly Wiki


  1. Infamous Hacking Network Shut Down by Microsoft Resurfaces in Time for US Presidential Election: The infamous "TrickBot" hacking network taken down by Microsoft last month has reemerged just in time for the U.S. presidential election.
  2. Google Reveals a New Windows Zero-Day Bug It Says Is Under Active Attack: CVE-2020-17087 is exploited by attackers to elevate their level of user access in Windows, leveraging a Google Chrome vulnerability (CVE-2020-15999). A Microsoft fix will be released November 10th.
  3. US Cyber Command Exposes New Russian Malware: Six of the eight samples uploaded by CNMF to its VirusTotal account are for the "Turla" group's ComRAT malware, and the other two samples are for APT28's Zebrocy malware.
  4. Hackers Stole Credit Card Data from JM Bullion Online Bullion Dealer: The attack stole PII and card data. The data was offered for sale on the dark web. Customers need to secure their credit.
  5. REvil Ransomware Gang Claims over $100 Million Profit in a Year: The gang asserts it has netted more than $100 million USD from its ransomware campaigns and strives to make at least $2 billion USD from its ransomware service by adopting the most profitable approaches to infecting targeted organizations' systems, including ransomware as a service and payments for exfiltrated data.
  6. About the security content of iOS 14.2 and iPadOS 14.2: Apple releases iOS and iPadOS 14.2, addressing multiple CVEs. Also Catalina 10.15.7, tvOS 14.2 and watchOS 7.1.
  7. Someone Just Emptied Out a $1 Billion Bitcoin Wallet: The transfer left just $1.38 USD in the account. Alon Gal had been watching this wallet since 2015 and suspects the outgoing transaction was conducted by the original owner of the wallet or by someone who was able to crack the password.
  8. Apple fixes three iOS zero-days exploited in the wild: iOS and iPadOS 14.2 address these exploits.