IT Security Weekend Catch Up – December 6, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Russian money laundering networks uncovered linking narco traffickers, ransomware gangs and Kremlin spies
  2. Russia delivers historic life sentence to suspected founder of darknet marketplace
  3. Germany arrests suspected admin of country’s largest criminal marketplace
  4. International operation takes down another encrypted messaging service used by criminals
  5. U.S. offered $10M for hacker just arrested by Russia
  6. Leak: what law enforcement can unlock with the ‘Graykey’ iPhone hacking tool
  7. A new phone scanner that detects spyware has already found 7 Pegasus infections
  8. Uganda confirms hack of central bank accounts, official downplays extent of loss
  9. 760,000 employee records from several major firms leaked online
  10. Pakistan tests secret China-like ‘firewall’ to tighten online surveillance

For the more technical

  1. Supply chain attack detected in Solana’s web3.js library
  2. The far-reaching consequences of LogoFAIL
  3. LogoFAIL exploited to deploy Bootkitty, the first UEFI bootkit for Linux
  4. Progress WhatsUp Gold NmAPI.exe registry overwrite unauthenticated RCE
  5. Over-the-air vulnerabilities discovered in Advantech EKI access points
  6. ProjectSend CVE-2024-11680 exploited in the wild
  7. Cloudflare’s pages.dev and workers.dev domains increasingly abused for phishing
  8. Novel phishing campaign uses corrupted Word documents to evade security
  9. Who ordered the Smokedham? Backdoor delicacies in the wild
  10. DroidBot: Insights from a new Turkish MaaS fraud operation
  11. Device confiscated by Russian authorities returned with Monokle-type spyware installed
  12. Unveiling RevC2 and Venom loader
  13. SmokeLoader attack targets companies in Taiwan
  14. Gafgyt malware broadens its scope in recent attacks
  15. Inside Akira ransomwareis Rust experiment
  16. The curious case of an egg-cellent resume
  17. Stellar discovery of a new cluster of Andromeda/Gamarue C2
  18. Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage
  19. Snowblind: The invisible hand of Secret Blizzard
  20. Moonshine exploit kit and DarkNimbus backdoor enabling Earth Minotaur’s multi-platform attacks

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *