IT Security Weekend Catch Up – April 8, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Genesis Market, one of world’s largest platforms for cyber fraud, seized by police
  2. Seized Genesis Market data is now searchable in Have I Been Pwned, courtesy of the FBI and “Operation Cookie Monster”
  3. [VIDEO] How anyone can destroy a scam website in minutes
  4. Users fume after Western Digital My Cloud network breach locks them out of their data
  5. Hacker stole my phone, credit card, identity. I set out to find them
  6. Spain’s most dangerous and elusive hacker now in police custody
  7. German police raid DDoS-friendly host ‘FlyHosting’
  8. Money Message ransomware gang claims MSI breach, demands $4 million
  9. Hunting down the haters. How Rostec, the Russian military’s industrial supplier, waged a PR war on Telegram
  10. [AUDIO] Rostec’s PR war on Telegram
  11. One of China’s most popular apps has the ability to spy on its users, say experts
  12. Flipper Zero banned by Amazon for being a ‘card skimming device’
  13. The Mullvad Browser is Tor Browser without the Tor Network

For the more technical

  1. Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack
  2. SonicWall out of bounds write DoS
  3. Malicious self-extracting archives, decoy files and their hidden payloads
  4. CAN Injection: keyless car theft
  5. The uninvited guest: IDORs, garage doors, and stolen secrets
  6. Hunting stalkerware, one year later
  7. Technical analysis of Xloader’s code obfuscation in version 4.3
  8. New OpcJacker malware distributed via fake VPN malvertising
  9. Malicious ISO file leads to domain wide ransomware
  10. ALPHV ransomware affiliate targets vulnerable backup installations to gain initial access
  11. Experts warn of fast-encrypting ‘Rorschach’ ransomware
  12. Fake ransomware gang targets U.S. orgs with empty data leak threats
  13. The Telegram phishing market
  14. High severity vulnerability fixed in WordPress Elementor Pro plugin
  15. Rilide: A new malicious browser extension for stealing cryptocurrencies
  16. STYX marketplace emerged in dark web focused on financial fraud
  17. New threat analysis group reporting underscores the evolution of ARCHIPELAGO
  18. Anonymous Sudan: Religious hacktivists or Russian front group?
  19. Joker DPR and the information war (PDF)
  20. Meet the FSB contractor: 0Day Technologies

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *