IT Security Weekend Catch Up – April 9, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Expanding Play’s target level API requirements to strengthen user security
  2. Hacker accessed 319 crypto- and finance-related Mailchimp accounts, company said
  3. Hackers gaining power of subpoena via fake “Emergency Data Requests”
  4. Wtch this: Unravelling the mystery behind a secret YouTube URL
  5. Darkweb researcher warns of possible cyberattack against Indonesian energy company Perushaan Gas Negare
  6. Wind turbine giant Nordex shuts down IT systems in response to cyberattack
  7. Justice Department announces court-authorized disruption of botnet controlled by the Russian Federation’s main intelligence directorate (GRU)
  8. Disrupting cyberattacks targeting Ukraine
  9. The alleged scammers behind the most notorious murder-for-hire site have been arrested
  10. Shutdown of Russia’s Hydra Market disrupts a crypto-crime ATM
  11. Member of hacking group sentenced for scheme that compromised tens of millions of debit and credit cards

For the more technical

  1. Android security bulletin – April 2022
  2. CVE-2022-22965: Analyzing the exploitation of Spring4Shell vulnerability in weaponizing and executing the Mirai botnet malware
  3. PHP supply chain attack on PEAR
  4. Vulnerability in Rockwell Automation ISaGRAF
  5. An in-depth look at ICS vulnerabilities – part 2 & part 3
  6. Server-side request forgery on FinTech platform enabled administrative account takeover
  7. How we secure Monzo’s banking platform
  8. Parrot TDS takes over web servers and threatens millions
  9. European industrial infrastructure cyber threat perspective (PDF)
  10. VIASAT incident: from speculation to technical details
  11. Deep dive analysis – Borat RAT
  12. A bad luck BlackCat
  13. Denonia: The first malware specifically targeting Lambda
  14. Google is on guard: sharks shall not pass!
  15. Fake e‑shops on the prowl for banking credentials using Android malware
  16. Leave your message after the beep: WhatsApp voicemail phishing attack from Russia
  17. FFDroider stealer targeting social media platform users
  18. Scammers are exploiting Ukraine donations
  19. Chinese hackers abuse VLC Media Player to launch malware loader
  20. Suspected China-backed hackers target 7 Indian electricity grid centers
  21. Operation Bearded Barbie: APT-C-23 campaign targeting Israeli officials
  22. FIN7 power hour: Adversary archaeology and the evolution of FIN7
  23. Fresh Totolink vulnerabilities picked up by Beastmode Mirai campaign

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *