Past Issues
August 12-16, 2019
Spotlight: Patch Tuesday—August
Top stories: HTTP/2 vulnerabilities lead to DoS attacks, vulnerabilities in Bluetooth BR/EDR devices, report on safety of school records, Cyber Command warns of Lazarus group malware
August 19-23, 2019
Spotlight: Texas Ransomware Attacks
Top stories: Well-known routers vulnerable to leaks, Cisco patches critical bugs, Webmin backdoored, Kubernetes flaws lead to DoS attacks, abuse of newly registered domains
July 8-12, 2019
Spotlight: Patch Tuesday—July
Top stories: Citrix fixes critical SD-WAN flaw, Zoom flaw enables Mac webcam hacks, Critical Jiral server and data center patches, Windows zero-day exploit, Android apps collecting data even with denied permissions
July 15-19, 2019
Spotlight: Ellucian Banner Vulnerability Used for Hacking 62 Universities
Top stories: Google workers listen to "Ok Google" requests, Zoom RCE flaw, Office 365 banned by German schools, new Android attack allows apps to collect loudspeaker data, Canadian advisory on fileless malware, Kazakhstan intercepts HTTPS data for all citizens
July 22-26, 2019
Spotlight: Election Security and Geo-political Motivations for Hacking
Top stories: Vulnerabilities in multiple VPNs; Phishing attack at Lancaster University; Ransomware attacks at Louisiana school districts, Northwest Indian College, and iNSYNC Cloud Hosting; BlueKeep scanner discovered, new BlueKeep explainer posted online
July 29-Aug 2, 2019
No Weekly Watch this week due to staff training.
June 3-7, 2019
Spotlight: Overview of Robbinhood attack on the city of Baltimore
Top stories: Australian National University data breach, ByeBear Windows patch bypass, European Data Protection Summit, State Dpeartment's proposed Cybersecurity Bureau, BlackSquid uses eight exploits to drop XMRig Miner
June 10-14, 2019
Spotlight: Bluekeep the Next WannaCry?
Top stories: Goldbrute, Exim mail servers exposed, bad cert vulnerability can bring down windows servers, Linux command-line editors vulnerable, Major VPNs could be blocked by Russia, U.S.intensifying offensive cyber measures
May 13-17, 2019
Spotlight: Microsoft patched "wormable" vulnerability
Top stories: Critical vulnerability in Cisco's secure boot process, speculative execution bug in Intel chips, U.S. Government on O365 best practices, Trump signs order to ban Huawei
May 20-24, 2019
Spotlight: SandboxEscaper drops PoCs for multiple Microsoft vulnerabilities
Top stories: Intel fixes critical flaws, Slack patches Window client vulnerability, Baltimore expects long recovery time from ransomware attack, Google stores Enterprise customer passwords in plaintext, helpful cybersecurity resources for educators
May 27-31, 2019
Spotlight: GDPR - One year in
Top stories: UK Universities facing daily attacks by state actors, FEC partners with Harvard nonprofit to provide cybersecurity for election campaigns, Flipboard user email addresses and hashed passwords stolen, Middle East social media accounts impersonate U.S. candidates, First American Financial leaked hundreds of millions of records
April 8-12, 2019
Spotlight: Hoplight, a new North Korean malware
Top stories: Auto-upload malware on Mar-a-Lago jump drive, Patch Tuesday, TajMahal APT framework, and WPA3 security flaws
April 15-19, 2019
Spotlight: A high number of critical patches and advsories: Apache Tomcat, Wordpress, Oracle, Confluence, Cisco, Drupal, and win32k.sys
Top stories: Sea Turtle, Windows zero day, Microsoft 365/Hotmail, and university computers fried with weaponized USB
April 22-26, 2019
Spotlight: FBI 2018 Internet Crime Report, and a report on "Improving CyberSecurityAwareness in Underserved Populations" from the University of California, Berkeley
Top stories: Attacks on DICOM files, GandCrab exploits Confluence vulnerability, Oracle WebLogic zero-day RCE flaw, exposure of Mexican Embasy data, and increased Twitter bot activity following Mueller report
April 29-May 3, 2019
Spotlight: Docker Hub breach
Top stories: DHS order vulnerabilities patched within 15 days, trojanized TeamViewer used on governemtn targets, Magecart skimming attacks at campus online stores, SAP systems bulnerabile to 10KBlaze