Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Notorious phishing platform shut down, arrests in international police operation
- Hackers rig casino card-shuffling machines for ‘full control’ cheating
- Lapsus$ hackers took SIM-swapping attacks to the next level
- Humans can detect deepfake speech only 73% of the time, study finds
- Junk websites filled with AI-generated text are pulling in money from programmatic ads
- Supermarket AI meal planner app suggests recipe that would create chlorine gas
- Facial recognition tech lands innocent woman with bogus carjacking charge
- CNET deletes thousands of old articles to game Google search
For the more technical
- Inception: how a simple XOR can cause a microarchitectural stack overflow
- New Downfall attacks on Intel CPUs steal encryption keys, data + more information
- Gafgyt malware exploits five-years-old flaw in EoL Zyxel router
- Microsoft August 2023 Patch Tuesday
- Microsoft Visual Studio Code flaw lets extensions steal passwords
- How to enable hidden Windows 11 features with Microsoft StagingTool
- Automation of cybersecurity work (PDF)
- Dangerous vulnerability found in Mozilla VPN client
- CVE-2023-39143: PaperCut path traversal/file upload RCE vulnerability
- An update on Chrome Security updates – shipping security fixes to you faster
- GG18 and GG20 Paillier key vulnerability [CVE-2023-33241]: Technical report
- Lindell17 abort vulnerability [CVE-2023-33242]: Technical report
- Invisible adware: Unveiling ad fraud targeting Android users
- Cloudflare Tunnel increasingly abused by cybercriminals
- Cloud account takeover campaign leveraging EvilProxy targets top-level executives at over 100 global organizations
- Old exploit kits still kicking around in 2023
- Gootloader: Why your legal document search may end in misery
- Visualizing Qakbot infrastructure part II: Uncharted territory
- An overview of the new Rhysida ransomware targeting the healthcare sector
- North Korea compromises sanctioned Russian missile engineering company
- MoustachedBouncer: Espionage against foreign diplomats in Belarus
- Hackers use open source Merlin post-exploitation toolkit in attacks
- Southern African power generator targeted with DroxiDat malware
- RedHotel: A prolific, Chinese state-sponsored group operating at a global scale
- New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
Hello! Love your work , but link 7 Automation of cybersecurity work (PDF) links to link 1 Inception: how a simple XOR can cause a microarchitectural stack overflow
Thanks for the info, now corrected 🙂