IT Security Weekend Catch Up – July 22, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Google’s adding the app permissions section back to the Play Store after removing it
  2. How Meta and the security industry collaborate to secure the internet
  3. Hacked Ukrainian radio stations broadcast fakes about Zelensky’s health
  4. Justice Department seizes and forfeits approximately $500,000 from North Korean ransomware actors and their conspirators
  5. Building materials giant Knauf hit by Black Basta ransomware gang
  6. Russian hackers behind SolarWinds breach continue to scour US and European organizations for intel, researchers say

For the more technical

  1. CVE-2022-30136: Microsoft Windows Network File System v4 remote code execution vulnerability
  2. [CVE-2022-34918] A crack in the Linux firewall
  3. Critical vulnerabilities discovered in popular automotive GPS tracking device (PDF)
  4. The return of Candiru: Zero-days in the Middle East
  5. Javascript obfuscation techniques by example
  6. DNS-over-HTTP/3 in Android
  7. React debug.keystore key was trusted by Meta(Facebook) which caused to Instagram account takeover by malicious apps
  8. How attackers use exposed Prometheus server to exploit Kubernetes clusters
  9. SATAn: Air-gap exfiltration attack via radio signals from SATA cables (PDF)
  10. Fortinet: Cybersecurity in water management facilities (PDF)
  11. The kit that wants it all: Scam mimics PayPal’s known security measures
  12. Tracing state-aligned activity targeting journalists, media
  13. Continued cyber activity in Eastern Europe observed by TAG
  14. Russian APT29 hackers use online storage services, DropBox and Google Drive
  15. APT41: A case study
  16. Buy, sell, steal, EvilNum targets cryptocurrency, Forex, commodities
  17. Anatomy of attack: Truth behind the Costa Rica government ransomware 5-day intrusion
  18. Luna and Black Basta — new ransomware for Windows, Linux and ESXi
  19. Joker, Facestealer and Coper banking malwares on Google Play store
  20. I see what you did there: A look at the CloudMensis macOS spyware
  21. The trojan horse malware & password “cracking” ecosystem targeting industrial operators
  22. 8220 gang massively expands cloud botnet to 30,000 infected hosts
  23. Over thirty thousand DMCA notices reveal an organized attempt to abuse copyright law
  24. Google ads lead to major malvertising campaign

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *