IT Security Weekend Catch Up – August 24, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Chrome will redact credit cards, passwords when you share Android screen
  2. NSA tracks Google ads to find Tor users
  3. Bypass Paywalls Clean shut down for DMCA anti-circumvention violations
  4. Microchip Technology says operations disrupted by cyberattack
  5. Toyota confirms third-party data breach impacting customers
  6. Russian arrested in Argentina for laundering money for hackers
  7. Pulaski county man sentenced for cyber intrusion and aggravated identity theft

For the more technical

  1. Design flaw has Microsoft Authenticator overwriting MFA accounts, locking users out
  2. $4,998 bounty awarded and 100,000 WordPress sites protected against unauthenticated remote code execution vulnerability patched in GiveWP WordPress plugin
  3. Critical privilege escalation in LiteSpeed Cache plugin affecting 5+ million sites
  4. Data exfiltration from Slack AI via indirect prompt injection
  5. Leaked environment variables allow large-scale extortion operation of cloud environments
  6. How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions
  7. [VIDEO] CVE-2024-38063: The End of IPv6 as we know it or not a big deal?
  8. 60 hurts per second – How we got access to enough solar power to run the United States
  9. MIFARE Classic: exposing the static encrypted nonce variant… and a few hardware backdoors
  10. Exploits and vulnerabilities in Q2 2024
  11. Xeon Sender – SMS spam shipping multi-tool targeting SaaS credentials
  12. Be careful what you pwish for – Phishing in PWA applications
  13. Unmasking the SMS stealer: Targeting several countries with deceptive apps
  14. NGate Android malware relays NFC traffic to steal cash
  15. Don’t get Mad, get wise
  16. CryptoCore: Unmasking the sophisticated cryptocurrency scam operations
  17. Hundreds of online stores hacked in new campaign\
  18. Unmasking Styx Stealer: How a hacker’s slip led to an intelligence treasure trove
  19. Beyond the wail: Deconstructing the Banshee infostealer
  20. Qilin ransomware caught stealing credentials stored in Google Chrome
  21. CISA warns of Jenkins RCE bug exploited in ransomware attacks
  22. New backdoor targeting Taiwan employs stealthy communications
  23. BlindEagle flying high in Latin America
  24. MoonPeak malware from North Korean actors unveils new details on attacker infrastructure
  25. Analysis of puNK-003’s Lilith RAT ported to AutoIt Script
  26. Windows driver zero-day exploited by Lazarus hackers to install rootkit
  27. GreenCharlie infrastructure targeting US political entities with advanced phishing and malware

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *