Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- U.S. says it ‘hacked the hackers’ to bring down ransomware gang, helping 300 victims
- Digital false flag operations: A how-to guide
- U.S. ‘No Fly List’ leaks after being left in an unsecured airline server
- GTA Online bug exploited to ban, corrupt players’ accounts
- Administrator of RSOCKS proxy botnet pleads guilty
- Ransomware revenue down as more victims refuse to pay
- Pakistan says country-wide power outage could have been caused by cyberattack
- Swipe right on our new credit card tokens
- Russia blocks access to US ‘Rewards for Justice,’ FBI and CIA websites
For the more technical
- Exploiting a critical spoofing vulnerability in Windows CryptoAPI
- EmojiDeploy: Smile! Your Azure web service just got RCE’d
- 2022 Microsoft Teams RCE
- CVE-2023-20025 – RCE in end-of-life Cisco routers
- Pwning the all Google phone with a non-Google bug
- Multiple vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
- KnightCTF 2023 write-ups (RE category)
- New Mimic ransomware abuses Everything APIs for its encryption process
- Chinese PlugX malware hidden in your USB devices?
- Tracking the evolution of GootLoader operations
- Python-based PY#RATION attack campaign leverages fernet encryption and websockets to avoid detection
- Darth Vidar: The Dark Side of evolving
- Album Stealer targets Facebook adult-only content seekers
- Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
- Gigabud RAT: New Android RAT masquerading as government agencies
- Emotet returns with new methods of evasion
- Massive campaign uses hacked WordPress sites as platform for black hat ad network
- Over 50,000 instances of DragonBridge activity disrupted in 2022
- Traffic signals: The Vastflux takedown
- Sliver C2 leveraged by many threat actors
- Vice Society ransomware group targets manufacturing companies
- The year of the wiper
- TA444: The APT startup aimed at acquisition (of your funds)
- The 8220 Gang: Targeting cloud providers and vulnerable applications (PDF)
- Abraham’s Ax likely linked to Moses Staff
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.