IT Security Weekend Catch Up – April 5, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. US State Department investigates alleged theft of government data
  2. OWASP Foundation warns members of data breach after discovering 1,000 resumes on Wiki server
  3. AT&T confirms data for 73 million customers leaked on hacker forum
  4. US cancer center data breach exposes info of 827,000 patients
  5. New Chrome feature aims to stop hackers from using stolen cookies
  6. Google agrees to delete Incognito data despite prior claim that’s “impossible”
  7. Kinahan Cartel: Wanted narco boss exposes whereabouts by posting Google reviews
  8. Iowa sysadmin pleads guilty to 33-year identity theft of former coworker

For the more technical

  1. xz/liblzma: Bash-stage obfuscation explained
  2. Google patches critical vulnerability for Androids with Qualcomm chips
  3. $5,500 bounty awarded for unauthenticated SQL injection vulnerability patched in LayerSlider WordPress plugin
  4. Kobold letters: Why HTML emails are a risk to your organization
  5. How to prevent web API attacks with data validation – web API security guide
  6. HTTP/2 CONTINUATION Flood: Technical details
  7. DinodasRAT Linux implant targeting entities worldwide
  8. Bing ad for NordVPN leads to SecTopRAT
  9. Threat actors deliver malware via YouTube video game cracks
  10. AI meets next-gen info stealers in social media malvertising campaigns
  11. Breaking boundaries: Mispadu’s infiltration beyond LATAM
  12. Visa warns of new JSOutProx malware variant targeting financial orgs
  13. Latrodectus: This spider bytes like ice
  14. Android malware Vultur expands its wingspan
  15. Hosting firm’s VMware ESXi servers hit by new SEXi ransomware
  16. Agent Tesla targeting United States and Australia: Revealing the attackers’ identities
  17. Earth Freybug uses Unapimon for unhooking critical APIs
  18. Cutting edge, part 4: Ivanti Connect Secure VPN post-exploitation lateral movement case studies
  19. Cyber Safety Review Board releases report on Microsoft Online Exchange incident from summer 2023

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *