IT Security Weekend Catch Up – January 27, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. U.S. says it ‘hacked the hackers’ to bring down ransomware gang, helping 300 victims
  2. Digital false flag operations: A how-to guide
  3. U.S. ‘No Fly List’ leaks after being left in an unsecured airline server
  4. GTA Online bug exploited to ban, corrupt players’ accounts
  5. Administrator of RSOCKS proxy botnet pleads guilty
  6. Ransomware revenue down as more victims refuse to pay
  7. Pakistan says country-wide power outage could have been caused by cyberattack
  8. Swipe right on our new credit card tokens
  9. Russia blocks access to US ‘Rewards for Justice,’ FBI and CIA websites

For the more technical

  1. Exploiting a critical spoofing vulnerability in Windows CryptoAPI
  2. EmojiDeploy: Smile! Your Azure web service just got RCE’d
  3. 2022 Microsoft Teams RCE
  4. CVE-2023-20025 – RCE in end-of-life Cisco routers
  5. Pwning the all Google phone with a non-Google bug
  6. Multiple vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
  7. KnightCTF 2023 write-ups (RE category)
  8. New Mimic ransomware abuses Everything APIs for its encryption process
  9. Chinese PlugX malware hidden in your USB devices?
  10. Tracking the evolution of GootLoader operations
  11. Python-based PY#RATION attack campaign leverages fernet encryption and websockets to avoid detection
  12. Darth Vidar: The Dark Side of evolving
  13. Album Stealer targets Facebook adult-only content seekers
  14. Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
  15. Gigabud RAT: New Android RAT masquerading as government agencies
  16. Emotet returns with new methods of evasion
  17. Massive campaign uses hacked WordPress sites as platform for black hat ad network
  18. Over 50,000 instances of DragonBridge activity disrupted in 2022
  19. Traffic signals: The Vastflux takedown
  20. Sliver C2 leveraged by many threat actors
  21. Vice Society ransomware group targets manufacturing companies
  22. The year of the wiper
  23. TA444: The APT startup aimed at acquisition (of your funds)
  24. The 8220 Gang: Targeting cloud providers and vulnerable applications (PDF)
  25. Abraham’s Ax likely linked to Moses Staff

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
