IT Security Weekend Catch Up – August 6, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Meet Window Snyder, the trailblazer who helped secure the internet and billions of devices
  2. Fake FlipperZero sites promise free devices after completing offer
  3. Clop ransomware now uses torrents to leak data and evade takedowns
  4. Kazakhstan refuses to extradite detained Russian cyber expert to US
  5. Astronomical observations at the International Gemini Observatory suspended
  6. Hacktivists fund their operations using common cybercrime tactics
  7. Operation Narsil disrupts network of child abuse websites designed to generate profits from advertising

For the more technical

  1. The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
  2. 2022 top routinely exploited vulnerabilities
  3. Google AMP – The newest of evasive phishing tactic
  4. Universal and transferable adversarial attacks on aligned language models
  5. Collide+Power. Leaking inaccessible data with software-based power side channels
  6. Emerging attacker exploit: Microsoft cross-tenant synchronization
  7. Multiple high severity vulnerabilities in Ninja Forms plugin
  8. Security hole in Minecraft mods lets hackers execute code remotely
  9. Unsafe deserialization vulnerability in many Minecraft mods
  10. Use native pointer of function to bypass the latest Chrome v8 sandbox
  11. New acoustic attack steals data from keystrokes with 95% accuracy
  12. Tesla jailbreak unlocks theft of in-car paid features
  13. Midnight Blizzard conducts targeted social engineering over Microsoft Teams
  14. Fake blockchain games deliver RedLine Stealer & Realst Stealer – A new macOS infostealer malware
  15. What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot
  16. Pikabot deep analysis
  17. Inside the IcedID BackConnect protocol
  18. WikiLoader digs sophisticated evasion
  19. New Rilide stealer version targets banking data and works around Google Chrome Manifest V3
  20. NodeStealer 2.0 – The Python version: Stealing Facebook business accounts
  21. Related CherryBlos and FakeTrade Android malware involved in scam campaigns
  22. APT Bahamut targets individuals with Android malware using spear messaging
  23. CISA releases malware analysis reports on Barracuda backdoors
  24. Linux version of Abyss Locker ransomware targets VMware ESXi servers
  25. Common TTPs of attacks against industrial organizations. Implants for gathering data

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *