IT Security Weekend Catch Up – December 22, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [AUDIO] Algorithms of Trauma 2. How Facebook feeds on your fears
  2. Musk’s X hit with first EU probe under new disinformation rules
  3. Scammers are tricking anti-vaxxers into buying bogus medical documents
  4. The names of thousands of neo-Nazi music fans just got leaked
  5. Ten years later, new clues in the Target breach
  6. AlphV ransomware site is “seized” by the FBI. Then it’s “unseized.” And so on
  7. Lapsus$: GTA 6 hacker handed indefinite hospital order
  8. USD 300 million seized and 3,500 suspects arrested in international financial crime operation

For the more technical

  1. Critical RCE vulnerability discovered in Perforce Helix Core Server
  2. 3CX warns customers to disable SQL database integrations
  3. [VIDEO] CONFidence 2023 conference recordings
  4. Spoofing DNS records by abusing DHCP DNS dynamic updates
  5. Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels
  6. Honeypot recon: MySQL malware infection via user-defined functions
  7. New process injection techniques using Windows thread pools
  8. Paged Out! #3 – a free experimental technical magazine
  9. SMTP smuggling – spoofing e-mails worldwide
  10. Fake VPN Chrome extensions force-installed 1.5 million times
  11. BazarCall attack leverages Google Forms to increase perceived credibility
  12. Getting gooey with GuLoader: deobfuscating the downloader
  13. PikaBot distributed via malicious search ads
  14. OilRig’s persistent attacks using cloud service-powered downloaders
  15. Qbot malware returns in campaign targeting hospitality industry
  16. “Inhospitality” malspam campaign targets hotel industry
  17. Zimperium’s 2023 Mobile Banking Heists Report
  18. Android banking trojan Chameleon can now bypass any biometric authentication
  19. Routers roasting on an open firewall: The KV-Botnet investigation
  20. Rhadamanthys v0.5.0 – a deep dive into the stealer’s components
  21. Smoke and mirrors: Understanding the workings of Wazawaka
  22. Akira, again: The ransomware that keeps on taking
  23. CryptoGuard: An asymmetric approach to the ransomware battle
  24. Lets open(dir) some presents: An analysis of a persistent actor’s activity
  25. Gaza Cybergang: Unified front targeting Hamas opposition

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *