IT Security Weekend Catch Up – July 20, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. From Kyiv to Riga: Russian sabotage operations in the Baltics
  2. It’s never been easier for the cops to break into your phone
  3. Declare your AIndependence: block AI bots, scrapers and crawlers with a single click
  4. Rabbit r1’s AI assistant has secretly been storing user chats that can’t be deleted
  5. Apple, Nvidia, Anthropic used thousands of swiped YouTube videos to train AI
  6. Kaspersky Lab closing U.S. division; laying off workers
  7. Disney “breached”, data dumped online
  8. Interpol operation nabs 300 with links to West African cyber fraud

For the more technical

  1. [VIDEO] Solving Hackceler8 Teaser Task 2 by Gynvael Coldwind – Part 2 & Part 3
  2. CrowdStrike oopsie crashes Windows workstations across the world
  3. Cyber threat actors continue to leverage the outage to conduct malicious activity – Part 1 & Part 2
  4. The potential impact of the OpenSSH vulnerabilities CVE-2024–6387 and CVE-2024-6409
  5. Cisco Smart Software Manager on-prem password change vulnerability
  6. CVE-2024-38112: Void Banshee targets Windows users through zombie Internet Explorer in zero-day attacks
  7. SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts
  8. WARPscan – Cloudflare WARP abused to hijack cloud services
  9. Data-only attacks are easier than you think (PDF)
  10. Application Security report: 2024 update
  11. Attacking connection tracking frameworks as used by virtual private networks
  12. Play ransomware group’s new Linux variant targets ESXi, shows ties with Prolific Puma
  13. Hardening of HardBit
  14. RDGAs: The next chapter in domain generation algorithms
  15. HotPage: Story of a signed, vulnerable, ad-injecting driver
  16. Konfety spreads ‘Evil Twin’ apps for multiple fraud schemes
  17. FIN7 reboot: Cybercrime gang enhances ops with new EDR bypasses and automated attacks
  18. The return of Ghost Emperor’s Demodex
  19. New BugSleep backdoor deployed in recent MuddyWater campaigns
  20. TAG-100 uses open-source tools in suspected global espionage campaign, compromising two Asia-Pacific intergovernmental bodies

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *