IT Security Weekend Catch Up – December 29, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OSINT uphill – open sources of information and the spectrum of their availability
  2. Action against digital skimming reveals 443 compromised online merchants
  3. Lockbit ransomware disrupts emergency care at German hospitals
  4. Panasonic discloses data breach after December 2022 cyberattack
  5. Google settles $5 billion consumer privacy lawsuit
  6. NY Times sues OpenAI, Microsoft for infringing copyrighted works

For the more technical

  1. [VIDEO] Breaking “DRM” in Polish trains. Reverse engineering a train to analyze a suspicious malfunction
  2. [VIDEO] SMTP smuggling – spoofing e-mails worldwide
  3. Session-based vs. token-based authentication: Which is better?
  4. SonicWall discovers critical Apache OFBiz zero-day
  5. Barracuda fixes new ESG zero-day exploited by Chinese hackers
  6. Microsoft: Financially motivated threat actors misusing App Installer
  7. [VIDEO] Operation Triangulation: What you get when attack iPhones of researchers
  8. Operation Triangulation: The last (hardware) mystery
  9. [VIDEO] All cops are broadcasting. TETRA unlocked after decades in the shadows
  10. Annual Payment Fraud Intelligence Report: 2023
  11. MITRE launches critical infrastructure threat model framework
  12. Behind the scenes: JaskaGO’s coordinated strike on macOS and Windows
  13. Steam game mod breached to push password-stealing malware
  14. Analysis of attacks that install scanners on Linux SSH servers
  15. Exploiting monitoring and service mesh configurations and privileges in GKE to gain unauthorized access in Kubernetes
  16. MageCart WordPress plugin injects malicious user & credit card skimmer
  17. Stealth backdoor “Android/Xamalicious” actively infecting devices
  18. New malware found in analysis of Russian hacks on Ukraine, Poland
  19. Trend analysis on Kimsuky group’s attacks using AppleSeed
  20. A detailed analysis of the Menorah malware used by APT34
  21. Operation RusticWeb targets Indian Govt: From Rust-based malware to Web-service exfiltration

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *