IT Security Weekend Catch Up – July 3, 2021

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Gozi malware gang member arrested in Colombia
  2. Coordinated action cuts off access to VPN service used by ransomware groups
  3. Mercedes-Benz USA announces initial findings of data investigation affecting customers and interested buyers
  4. Ransomware gangs now creating websites to recruit affiliates

For the more technical

  1. Gears of Chaos vulnerability chain (NETGEAR WAC104 access point)
  2. Microsoft finds new NETGEAR firmware vulnerabilities that could lead to identity theft and full system compromise
  3. CVE-2018-18472: Western Digital My Book Live mass exploitation
  4. Cisco routers come under attack, including a destructive hacktivist campaign
  5. Zyxel firewalls and VPNs under active cyberattack
  6. How we are able to hack any company by sending message – $20,000 bounty [CVE-2021–34506]
  7. How I found my first Chrome bug (CVE-2021–21210)
  8. Google Compute Engine (GCE) VM takeover via DHCP flood
  9. Microsoft’s Halo dev site breached using dependency hijacking
  10. How a Docker footgun led to a vandal deleting NewsBlur’s MongoDB database
  11. Security flaws in Atlassian’s platform led to account takeover in one click
  12. Backdoored client from Mongolian CA MonPass
  13. Lorenz ransomware: analysis and a free decryptor
  14. Builder for Babuk Locker ransomware leaked online
  15. Diavol – A new ransomware used by Wizard Spider?
  16. Microsoft signed a malicious Netfilter rootkit
  17. SMB worm “Indexsinas” uses lateral movement to infect whole networks
  18. SolarWinds hackers breach Microsoft customer support to target its customers
  19. Kaseya supply chain attack delivers mass ransomware event to US companies
  20. FBI, NSA: Russian military cyber-unit behind large-scale brute-force attacks
  21. 2020 Report on Threats Affecting ICS Endpoints (PDF)

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *