IT Security Weekend Catch Up – July 15, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Hacker who exposed some of soccer’s dirtiest secrets charged in Portugal
  2. Senior adviser to the operator of the Silk Road online black market sentenced to 20 years in prison
  3. Tracy resident charged with computer attack on discovery bay water treatment facility
  4. BreachForums administrator facing 30-year sentence after pleading guilty to three charges
  5. Revolut’s US payment flaws allowed thieves to steal $20mn
  6. Southwest diverted a flight after someone AirDropped a photo suggesting a bomb was on the plane
  7. The adtech industry tracks most of what you do on the Internet. This file shows just how much
  8. Wikimedia Foundation: Transparency report July to December 2022

For the more technical

  1. Personal safety user guide for Apple devices
  2. July 2023 Microsoft Patch Update
  3. Enhanced monitoring to detect APT activity targeting Outlook Online
  4. How to securely build product features using AI APIs
  5. Shortening the Let’s Encrypt chain of trust
  6. Proof of concept developed for Ghostscript CVE-2023-36664 code execution vulnerability
  7. Rockwell warns of new APT RCE exploit targeting critical infrastructure
  8. A case study on fuzzing satellite firmware
  9. Health threat landscape – ENISA report
  10. ESET Threat Report H1 2023
  11. Crypto crime mid-year update: Crime down 65% overall, but ransomware headed for huge year thanks to return of big game hunting
  12. M365 phishing email analysis – eevilcorp
  13. Cloudy with a chance of credentials: AWS-targeting cred stealer expands to Azure, GCP
  14. PyLoose: Python-based fileless malware targets cloud workloads to deliver cryptominer
  15. The spies who loved you: Infected USB drives to steal secrets
  16. Source code for BlackLotus Windows UEFI malware leaked on GitHub
  17. Fake Linux vulnerability exploit drops data-stealing malware
  18. RedEnergy: New stealer-as-a-ransomware out in the wild
  19. LokiBot campaign targets Microsoft Office document using vulnerabilities and macros
  20. A new threat targeting macOS – ‘ShadowVault’
  21. CustomerLoader: a new malware distributing a wide variety of payloads
  22. The Toitoin trojan: Analyzing a new multi-stage attack targeting LATAM region
  23. Letscall – new sophisticated Vishing toolset
  24. Malicious campaigns target government, military and civilian entities in Ukraine, Poland
  25. Diplomats beware: Cloaked Ursa phishing with a twist
  26. RomCom threat actor suspected of targeting Ukraine’s NATO membership talks at the NATO summit
  27. The GRU’s disruptive playbook
  28. Routers from the underground: Exposing AVrecon

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *