IT Security Weekend Catch Up – August 31, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. France formally charges Telegram founder, Pavel Durov, over organized crime on messaging app (PDF)
  2. Is Telegram really an encrypted messaging app?
  3. Telegram is neither “secure” nor “encrypted”
  4. Typing these four characters could crash your iPhone
  5. Android malware steals payment card data using previously unseen technique
  6. Researchers find SQL injection to bypass airport TSA security checks
  7. Chrome VRP reward updates to incentivize deeper research
  8. Judge dismisses majority of GitHub Copilot copyright claims
  9. Researcher sued for sharing data stolen by ransomware with media
  10. US offers $2.5 million reward for information on Belarusian hacker

For the more technical

  1. AutoIT bot targets Gmail accounts first
  2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office
  3. Cryptojacking via CVE-2023-22527: Dissecting a full-scale cryptomining ecosystem
  4. Phishing in style: Microsoft Sway abused to deliver quishing attacks
  5. How 1 exposed Honeywell API gave us control over an internal engineering system
  6. Beware the unpatchable: Corona Mirai botnet spreads via zero-day
  7. Malware infiltrates Pidgin messenger’s official plugin repository
  8. Rocinante: The trojan horse that wanted to fly
  9. BlackSuit ransomware
  10. PeakLight: Decoding the stealthy memory-only malware
  11. The malware that must not be named: Suspected espionage campaign delivers “Voldemort”
  12. Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations
  13. Advanced persistent threat targeting Vietnamese human rights defenders
  14. Operation Oxidový: Sophisticated malware campaign targets Czech officials using NATO-themed decoys
  15. Taking the crossroads: The Versa Director zero-day exploitation
  16. North Korean threat actor Citrine Sleet exploiting Chromium zero-day
  17. Uncovering an Iranian counterintelligence operation
  18. State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
  19. From Cobalt Strike to Mimikatz: A deep dive into the SlowTempest campaign targeting Chinese users
  20. The EV code signature market for eCrime
  21. Greasy Opal: Greasing the skids for cybercrime

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *