IT Security Weekend Catch Up – June 29, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [VIDEO] The secret to finding many Criticals – Alex Chapman
  2. TeamViewer links corporate cyberattack to Russian state hackers
  3. Pentagon ran secret anti-vax campaign to undermine China during pandemic
  4. Nearly 4,000 arrested in global police crackdown on online scam networks

For the more technical

  1. Polyfill supply chain attack hits 100K+ sites
  2. MOVEit Transfer: Auth bypass and a look at exposure
  3. SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you!
  4. SnailLoad: Remote network latency measurements leak user activity
  5. GrimResource –  Microsoft Management Console for initial access and evasion
  6. MerkSpy: Exploiting CVE-2021-40444 to infiltrate systems
  7. Probllama: Ollama remote code execution vulnerability (CVE-2024-37032) – overview and mitigations
  8. The world’s first spatial computing hack
  9. Supply chain attack on WordPress.org plugins leads to 5 maliciously compromised WordPress plugins
  10. Introducing ExtensionTotal: How to assess risk in VS Code extensions
  11. Breaking the Internet: The aftermath of our research
  12. ESET Threat Report H1 2024
  13. ICO scams leverage 2024 Olympics to lure victims, use AI for fake sites
  14. ‘Poseidon’ Mac stealer distributed via Google ads
  15. SpyMax – an Android RAT targets Telegram users
  16. Beware of Snowblind: A new Android malware
  17. I am Goot (Loader)
  18. SquidLoader – new loader in the threat landscape
  19. Medusa reborn: A new compact variant discovered
  20. From dormant to dangerous: P2Pinfect evolves to deploy new ransomware and cryptominer
  21. Kimsuky deploys Translatext to target South Korean academia
  22. StrelaStealer Resurgence: Tracking a JavaScript-driven credential stealer targeting Europe
  23. ChamelGang & friends: Cyberespionage groups attacking critical infrastructure with ransomware
  24. Chinese state-sponsored RedJuliett intensifies Taiwanese cyber espionage via network perimeter exploitation
  25. SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *