IT Security Weekend Catch Up – June 10, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. SVMetaSearch + help centre
  2. FTC will require Microsoft to pay $20 million over charges it illegally collected personal information from children without their parents’ consent
  3. BBC and British Airways affected by data breach at payroll company Zellis
  4. North Korea’s Lazarus group likely responsible for $35 million Atomic crypto theft
  5. The bizarre reality of getting online in North Korea
  6. Senegal continues curfew-like internet shutdown to subdue protests
  7. Snowden ten years later
  8. Scammers publish ads for hacking services on government websites
  9. CEO of dozens of companies and entities in Florida and New Jersey admits role in massive scheme to traffic in fraudulent and counterfeit Cisco networking equipment
  10. Russians charged with hacking Mt. Gox crypto exchange, running BTC-e
  11. Microsoft OneDrive down worldwide following claims of DDoS attacks
  12. This new satellite enters orbit with one mission: To get abused by hackers

For the more technical

  1. New MOVEit Transfer zero-day mass-exploited in data theft attacks
  2. Clop ransomware group behind MOVEit file transfer hacks: Microsoft
  3. Zero-day vulnerability in MOVEit Transfer exploited for data theft
  4. MOVEit Transfer and MOVEit Cloud vulnerability
  5. KeePass v2.54 fixes bug that leaked cleartext master password
  6. Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now
  7. Android security update fixes Mali GPU bug exploited as zero-day
  8. Compromising Honda’s power equipment / marine / lawn & garden dealer eCommerce platform through a vulnerable password reset API
  9. Barracuda Email Security Gateway Appliance (ESG) vulnerability
  10. Modded Minecraft malware “fractureiser” – what we know
  11. IT threat evolution Q1 2023. Mobile & non-mobile statistics
  12. Tens of thousands of compromised Android apps
  13. Supply chain attack infiltrates Android apps with malicious SDK
  14. Dismantling spyware disinformation campaigns
  15. Stealth Soldier backdoor used in targeted espionage attacks in North Africa
  16. PowerDrop: A new insidious PowerShell script for command and control attacks targets U.S. aerospace defense industry
  17. Asylum Ambuscade: crimeware or cyberespionage?
  18. Carbon Black’s TrueBot detection
  19. Vice Society: The #1 cyberthreat to schools, colleges, and universities
  20. Cyclops ransomware and stealer combo: Exploring a dual threat
  21. ‘NoEscape’ Ransomware-as-a-Service (RaaS)
  22. Xollam, the latest face of TargetCompany
  23. New Magecart-style campaign abusing legitimate websites to attack others

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *