Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Hong Kong firm loses over $25mn after employee’s video call with deepfake ‘chief financial officer’, others
- “This forum is a bunch of communists and they set me up”, LockBit spills the tea regarding their recent ban on Russian-speaking forums
- Ransomware payments exceed $1 billion in 2023, hitting record high after 2022 decline
- Computer viruses are celebrating their 40th birthday (well, 54th, really)
- Hyundai Motor Europe hit by Black Basta ransomware attack
- US offers $10 million reward for info on Hive ransomware gang members
- INTERPOL-led operation targets growing cyber threats
- Foreign national charged for international money laundering conspiracy and role in operation of unlicensed digital currency exchange BTC-e
- Arrests in $400M SIM-swap tied to heist at FTX? + more information
- Fraudulent app impersonating LastPass currently available in Apple App Store
- Yandex parent company to sell its Russian businesses for $5.2 billion
- From cybercrime Saul Goodman to the Russian GRU
For the more technical
- New Fortinet RCE flaw in SSL VPN likely exploited in attacks
- The importance of patching: An analysis of the exploitation of N-Day vulnerabilities
- Ministry of Defence of the Netherlands uncovers COATHANGER, a stealthy Chinese FortiGate RAT
- Ivanti urges customers to patch yet another critical vulnerability
- The “EventLogCrasher” 0day for remotely disabling Windows Event Log, and a free micropatch for it
- Leaky Vessels: Docker and runc container breakout vulnerabilities
- Unveiling Atlassian Confluence vulnerability CVE-2023-22527: Understanding and mitigating remote code execution risks
- Buying Spying: How the commercial surveillance industry works and what can be done about it
- Frog4Shell — FritzFrog botnet adds one-days to its arsenal
- How Spoutible’s leaky API spurted out a deluge of personal data
- Facebook ads push new Ov3r_Stealer password-stealing malware
- Hackers steal data of 2 million in SQL injection, XSS attacks
- Exploring the latest Mispadu stealer variant
- Raspberry Robin keeps riding the wave of endless 1-days
- Chinese hackers fail to rebuild botnet after FBI takedown
- PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.