IT Security Weekend Catch Up – February 4, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. A robot was scheduled to argue in court, then came the jail threats
  2. Latvia says Russian hackers tried to phish its Ministry of Defence
  3. Russian ‘hacktivists’ briefly knock German websites offline
  4. Former employee of technology company pleads guilty to stealing confidential data and extorting company for ransom

For the more technical

  1. When pwning Cisco, persistence is key – when pwning supply chain, Cisco is key
  2. Update vRealize now! VMware patches critical RCE vulnerabilities
  3. Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
  4. KeePass disputes vulnerability allowing stealthy password theft
  5. No macro? No worries. VSTO being weaponized by threat actors
  6. ImageMagick: The hidden vulnerability behind your online images
  7. PHP Development Server <= 7.4.21 – Remote Source Disclosure
  8. New Sh1mmer ChromeBook exploit unenrolls managed devices
  9. Two factor authentication bypass on Facebook
  10. Action needed for GitHub Desktop and Atom users
  11. Google Fi data breach let hackers carry out SIM swap attacks
  12. HeadCrab: A novel state-of-the-art Redis malware in a global campaign
  13. 6-year-old packer used to deploy the most wanted malware
  14. Prilex modification now targeting contactless credit card transactions
  15. CryptBot infostealer: Malware analysis
  16. ESET APT Activity Report T3 2022
  17. Black Basta backend operations
  18. Passion: A Russian botnet
  19. The dangerous consequences of threat actors abusing Microsoft’s “Verified Publisher” status
  20. No Pineapple! –DPRK targeting of medical research and technology sector
  21. SwiftSlicer: New destructive wiper malware strikes Ukraine
  22. Seaborgium and TA453 continue their respective spear-phishing campaigns against targets of interest
  23. Operation Ice Breaker targets the gam(bl)ing industry right before it’s biggest gathering
  24. New APT34 malware targets the Middle East
  25. InTheBox web injects targeting Android banking applications worldwide
  26. Crypto money laundering: Four exchange deposit addresses received over $1 billion in illicit funds in 2022

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *