Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Update on the plan for phase-out of third-party cookies on Chrome
- Data-hungry dating apps are worse than ever for your privacy
- Why is WhatsApp threatening to leave India? Everything you need to know
- Biden signs TikTok ‘ban’ bill into law, starting the clock for ByteDance to divest it
- Internet sanctions on Russian media: diverging actions and mixed effects
- Russian FSB counterintelligence chief gets 9 years in cybercrime bribery scheme
- How a massive hack of psychotherapy records revealed a nation’s secrets
- Founders and CEO of cryptocurrency mixing service arrested and charged with money laundering
For the more technical
- CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM
- MS-DOS v1.25, v2.0, v4.0 source code
- New malware campaign targets WP-Automatic plugin
- Unplugging PlugX: Sinkholing the PlugX USB worm botnet
- Analysis of Dev Popper: New attack campaign targeting software developers likely associated with North Korean threat actors
- Redline stealer: A novel approach
- GitHub comments abused to push malware via Microsoft repo URLs
- GuptiMiner: Hijacking antivirus updates for distributing backdoors and casual mining
- ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices
- Brokewell: do not go broke from new banking malware
- ToddyCat is making holes in your infrastructure
- APT73: Self-proclaimed “APT” ransomware group
- Sifting through the spines: identifying (potential) Cactus ransomware victims
- Malware dev lures child exploiters into honeytrap to extort them
- Poll vaulting: Cyber threats to global elections
- Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.