Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- US unveils new rules to block China, Russia and Iran from accessing bulk US data
- Pegasus spyware firm NSO lobbies to get off U.S. blacklist
- What internet data brokers have on you – and how you can start to get it back
- Dutch government will replace hackable traffic lights to avoid movie-like carnage
- Goodbye, floppies – San Francisco pays Hitachi $212 million to remove 5.25-inch disks from its light rail service
- Internet Archive breached again through stolen access tokens
- Four cyber companies fined for SolarWinds disclosure failures
- Russia sentences REvil ransomware members to over 4 years in prison
- Teenager took his own life after falling in love with AI chatbot. Now his devastated mom is suing the creators
- Researchers say an AI-powered transcription tool used in hospitals invents things no one ever said
- ByteDance intern fired for planting malicious code in AI models
For the more technical
- Pwn2Own Ireland 2024 – day one, two, three & four
- Investigating FortiManager zero-day exploitation (CVE-2024-47575)
- Fortinet FortiGate CVE-2024-23113 – A super complex vulnerability in a super secure appliance in 2024
- Exposing the danger within: Hardcoded cloud credentials in popular mobile apps
- Embargo ransomware: Rock’n’Rust
- Akira ransomware continues to evolve
- macOS NotLockBit | Evolving ransomware samples suggest a threat actor sharpening its tools
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
- New Qilin.B ransomware variant boasts enhanced encryption and defense evasion
- Unmasking Lumma Stealer: Analyzing deceptive tactics with fake CAPTCHA
- Largest retail breach in history: 350 million “Hot Topic” customers’ personal & payment data exposed — as a result of infostealer infection
- Inside the Latrodectus malware campaign
- Latrodectus: A year in the making
- Tricks and treats: GHOSTPULSE’s new pixel-level deception
- Using gRPC and HTTP/2 for cryptominer deployment: An unconventional approach
- Unmasking Prometei: A deep dive into our MXDR findings
- Operation Cobalt Whisper: Threat actor targets multiple industries across Hong Kong and Pakistan
- Highlighting TA866/Asylum Ambuscade activity since 2021
- EIW – ESET Israel Wiper – used in active attacks targeting Israeli orgs