IT Security Weekend Catch Up – December 20, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Serbia used Israeli firm’s tech to enable spy campaign, Amnesty says
  2. Researchers find security flaws in Skoda cars that may let hackers remotely track them
  3. Russia bans Viber, claiming app facilitates terrorism and drug trafficking
  4. Digital threat report: Telegram’s toxic recommendations perpetuate extremism
  5. Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say
  6. Ukrainian national sentenced to federal prison in “Raccoon Infostealer” cybercrime case
  7. How to lose a fortune with just one bad click
  8. 2.2 billion stolen from crypto platforms in 2024, but hacked volumes stagnate toward year-end as DPRK slows activity post-July
  9. Cyborg cockroach armies can now be mass-produced at a rate of one every 68 seconds
  10. More than a quarter of new code at Google is generated by AI
  11. Indiana bakery still using Commodore 64s originally released in 1982 as cash registers

For the more technical

  1. AV Lab Cybersecurity Foundation advanced in-the-wild malware test November 2024
  2. Security review for Mullvad VPN AB (PDF)
  3. VBSpam email security comparative review – December 2024
  4. Google Calendar notifications bypassing email security policies
  5. Exploit attempts inspired by recent Struts2 file upload vulnerability (CVE-2024-53677, CVE-2023-50164)
  6. 300,000+ Prometheus servers and exporters exposed to DoS attacks
  7. How threat actors exploit brand collaborations to target popular YouTube channels
  8. Recent cases of watering hole attacks
  9. Effective phishing campaign targeting European companies and organizations
  10. Hidden in plain sight: TA397’s new attack chain delivers espionage RATs
  11. A look back: The evolution of Latin American eCrime malware in 2024
  12. New I2PRAT communicates via anonymous peer-to-peer network
  13. Earth Koshchei coopts red team tools in complex RDP attacks
  14. VIPKeyLogger infostealer in the wild
  15. Technical analysis of RiseLoader
  16. Spyware distributed through Amazon Appstore
  17. Crypted hearts: Exposing the HeartCrypt packer-as-a-service operation
  18. Under the Sadbridge with Gosar: Quasar gets a Golang rewrite
  19. Russia’s sovereign RuNet: A challenge to the cybercrime underworld?
  20. Tracking the FBI’s most wanted: “RedLine” info-stealer creator Maxim Rudometov

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *