IT Security Weekend Catch Up – August 12, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. Notorious phishing platform shut down, arrests in international police operation
2. Hackers rig casino card-shuffling machines for ‘full control’ cheating
3. Lapsus$ hackers took SIM-swapping attacks to the next level
4. Humans can detect deepfake speech only 73% of the time, study finds
5. Junk websites filled with AI-generated text are pulling in money from programmatic ads
6. Supermarket AI meal planner app suggests recipe that would create chlorine gas
7. Facial recognition tech lands innocent woman with bogus carjacking charge
8. CNET deletes thousands of old articles to game Google search

For the more technical

1. Inception: how a simple XOR can cause a microarchitectural stack overflow
2. New Downfall attacks on Intel CPUs steal encryption keys, data + more information
3. Gafgyt malware exploits five-years-old flaw in EoL Zyxel router
4. Microsoft August 2023 Patch Tuesday
5. Microsoft Visual Studio Code flaw lets extensions steal passwords
6. How to enable hidden Windows 11 features with Microsoft StagingTool
7. Automation of cybersecurity work (PDF)
8. Dangerous vulnerability found in Mozilla VPN client
9. CVE-2023-39143: PaperCut path traversal/file upload RCE vulnerability
10. An update on Chrome Security updates – shipping security fixes to you faster
11. GG18 and GG20 Paillier key vulnerability [CVE-2023-33241]: Technical report
12. Lindell17 abort vulnerability [CVE-2023-33242]: Technical report
13. Invisible adware: Unveiling ad fraud targeting Android users
14. Cloudflare Tunnel increasingly abused by cybercriminals
15. Cloud account takeover campaign leveraging EvilProxy targets top-level executives at over 100 global organizations
16. Old exploit kits still kicking around in 2023
17. Gootloader: Why your legal document search may end in misery
18. Visualizing Qakbot infrastructure part II: Uncharted territory
19. An overview of the new Rhysida ransomware targeting the healthcare sector
20. North Korea compromises sanctioned Russian missile engineering company
21. MoustachedBouncer: Espionage against foreign diplomats in Belarus
22. Hackers use open source Merlin post-exploitation toolkit in attacks
23. Southern African power generator targeted with DroxiDat malware
24. RedHotel: A prolific, Chinese state-sponsored group operating at a global scale
25. New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.