IT Security Weekend Catch Up – April 15, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [VIDEO] How Ukraine and Russia are rewriting the rules of cyber war – BBC News
  2. He’s from a patriotic family — and allegedly leaked U.S. secrets
  3. Discord member details how documents leaked from closed chat group
  4. Apparent leaked U.S. docs suggest pro-Russian hackers accessed Canada’s gas network
  5. Kodi discloses data breach after forum database for sale online
  6. On the hunt for the businessmen behind a billion-dollar scam
  7. Inside the international sting operation to catch North Korean crypto hackers
  8. EVE Online player uses obscure rule to pull off the biggest heist in the game’s history
  9. How to beat roulette: One gambler figured it out and won big
  10. Richmond homeowner says ‘Find My iPhone’ app mistake causing angry residents to come to his house
  11. [VIDEO] Hands on with a smart gun that actually works

For the more technical

  1. The April 2023 security update review
  2. ELF hash function may overflow
  3. On self-healing code and the obvious issue
  4. HP to patch critical bug in LaserJet printers within 90 days
  5. [VIDEO] JDD 2022: Philipp Krenn – Learnings from Log4Shell
  6. Man-in-the-middle attacks without rogue AP: When WPAs meet ICMP redirects (PDF)
  7. Nokoyawa ransomware attacks with Windows zero-day
  8. Read The Manual Locker: A private RaaS provider
  9. Vice Society ransomware uses new PowerShell data theft tool in attacks
  10. Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
  11. Legion: an AWS credential harvester and SMTP hijacker
  12. High severity vulnerability in WordPress Elementor Pro patched
  13. Who broke NPM?: Malicious packages flood leading to Denial of Service
  14. DDoS threat report for 2023 Q1
  15. ARES Leaks – emerging cyber crime cartel
  16. Overview of Google Play threats sold on the dark web
  17. Espionage campaign linked to Russian intelligence services
  18. Sweet QuaDreams. A first look at spyware vendor QuaDream’s exploits, victims, and customers
  19. DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
  20. North Korean hackers linked to 3CX supply-chain attack, investigation finds
  21. Following the Lazarus group by tracking DeathNote campaign
  22. MERCURY and DEV-1084: Destructive attack on hybrid environment
  23. Transparent Tribe (APT36): Pakistan-aligned threat actor expands interest in Indian education sector

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *