IT Security Weekend Catch Up – February 9, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Hong Kong firm loses over $25mn after employee’s video call with deepfake ‘chief financial officer’, others
  2. “This forum is a bunch of communists and they set me up”, LockBit spills the tea regarding their recent ban on Russian-speaking forums
  3. Ransomware payments exceed $1 billion in 2023, hitting record high after 2022 decline
  4. Computer viruses are celebrating their 40th birthday (well, 54th, really)
  5. Hyundai Motor Europe hit by Black Basta ransomware attack
  6. US offers $10 million reward for info on Hive ransomware gang members
  7. INTERPOL-led operation targets growing cyber threats
  8. Foreign national charged for international money laundering conspiracy and role in operation of unlicensed digital currency exchange BTC-e
  9. Arrests in $400M SIM-swap tied to heist at FTX? + more information
  10. Fraudulent app impersonating LastPass currently available in Apple App Store
  11. Yandex parent company to sell its Russian businesses for $5.2 billion
  12. From cybercrime Saul Goodman to the Russian GRU

For the more technical

  1. New Fortinet RCE flaw in SSL VPN likely exploited in attacks
  2. The importance of patching: An analysis of the exploitation of N-Day vulnerabilities
  3. Ministry of Defence of the Netherlands uncovers COATHANGER, a stealthy Chinese FortiGate RAT
  4. Ivanti urges customers to patch yet another critical vulnerability
  5. The “EventLogCrasher” 0day for remotely disabling Windows Event Log, and a free micropatch for it
  6. Leaky Vessels: Docker and runc container breakout vulnerabilities
  7. Unveiling Atlassian Confluence vulnerability CVE-2023-22527: Understanding and mitigating remote code execution risks
  8. Buying Spying: How the commercial surveillance industry works and what can be done about it
  9. Frog4Shell — FritzFrog botnet adds one-days to its arsenal
  10. How Spoutible’s leaky API spurted out a deluge of personal data
  11. Facebook ads push new Ov3r_Stealer password-stealing malware
  12. Hackers steal data of 2 million in SQL injection, XSS attacks
  13. Exploring the latest Mispadu stealer variant
  14. Raspberry Robin keeps riding the wave of endless 1-days
  15. Chinese hackers fail to rebuild botnet after FBI takedown
  16. PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
