IT Security Weekend Catch Up – January 8, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Rights group verifies Polish senator was hacked with spyware
  2. Swiss army bans all chat apps but locally-developed Threema
  3. Cyber attack on UK’s Defence Academy had ‘significant’ impact, officer in charge at the time reveals
  4. The biggest data breaches, hacks of 2021
  5. New York OAG monitors hacking forums, notifies 17 companies of security breaches
  6. Top 200 most common passwords
  7. Kazakhstan leaders shut down internet amid gas price protests
  8. Portugal’s Impresa media outlets hit by hackers
  9. FinalSite discloses ransomware attack that crippled websites for 8,000 schools
  10. FBI: FIN7 hackers target US companies with BadUSB devices to install ransomware
  11. Italian mafia fugitive arrested in Spain after Google Street View sighting

For the more technical

  1. The JNDI strikes back – unauthenticated RCE in H2 database console
  2. UK NHS: Threat actor targets VMware Horizon servers using Log4Shell exploits
  3. Persistence without “persistence”: Meet the ultimate persistence bug – “NoReboot”
  4. Hacking a VW Golf Power Steering ECU [1] [2] [3] [4]
  5. Business in the crosshairs: analyzing attack scenarios
  6. Don’t copy-paste commands from webpages — you can get hacked
  7. Google Docs comment exploit allows for distribution of phishing and malware
  8. Evolving attack techniques of Autom cryptomining campaign
  9. A new web skimmer campaign targets real estate websites through attacking cloud video distribution supply chain
  10. Elephant Beetle: Uncovering an organized financial-theft operation
  11. New Zloader campaign exploits Microsoft’s signature verification putting users at risk
  12. FluBot malware now targets Europe posing as Flash Player app
  13. Malicious Telegram installer drops Purple Fox rootkit
  14. Patchwork APT caught in its own web
  15. North Korean group “KONNI” targets the Russian diplomatic sector with new versions of malware implants
  16. Cloud security breaches and vulnerabilities: 2021 in review

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *