IT Security Weekend Catch Up – June 22, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Chat control vote postponed: Huge success in defense of digital privacy of correspondence
  2. Meta won’t train AI on Euro posts after all, as watchdogs put their paws down
  3. Proton is transitioning towards a non-profit structure
  4. US bans sale of Kaspersky software citing security risk from Russia
  5. Hackers detail how they allegedly stole Ticketmaster data from Snowflake
  6. Alleged boss of ‘Scattered Spider’ hacking group arrested

For the more technical

  1. Analysis of user password strength
  2. You’ve got mail: Critical Microsoft Outlook vulnerability executes as email is opened
  3. Re-moo-te code execution in Mailcow: Always sanitize error messages
  4. ASUS warns of critical remote authentication bypass on 7 routers
  5. TPM GPIO fail: How bad OEM firmware ruins TPM security
  6. UEFIcanhazbufferoverflow: Widespread impact from vulnerability in popular PC and server firmware
  7. TIKTAG: Breaking ARM’s memory tagging extension with speculative execution
  8. CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware
  9. The Travels of “markopolo”: Self-proclaimed meeting software Vortax spreads infostealers, unveils expansive network of malicious macOS applications
  10. Backdoor BadSpace delivered by high-ranking infected websites
  11. Fake IT support website leading to Vidar infection
  12. Fickle stealer distributed via multiple attack chain
  13. Rafel RAT, Android malware from espionage to ransomware operations
  14. Malicious activities linked to the Nobelium intrusion set
  15. Disgomoji malware used to target Indian government
  16. Operation Celestial Force employs mobile and desktop malware to target Indian entities
  17. China-nexus threat group ‘Velvet Ant’ abuses F5 load balancers for persistence
  18. Octo Tempest: Hybrid identity compromise recovery
  19. An amplified Internet scale DNS probing operation

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *