IT Security Weekend Catch Up – March 10, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OSINT in perspective – US IC OSINT strategy 2024-2026
  2. North Korea hacks two South Korean chip firms to steal engineering data
  3. Chinese national residing in California arrested for theft of artificial intelligence-related trade secrets from Google
  4. Treasury sanctions members of the Intellexa commercial spyware consortium
  5. Germany takes down cybercrime market with over 180,000 users
  6. CISA forced to take two systems offline last month after Ivanti compromise
  7. BlackCat ransomware shuts down in exit scam, blames the “feds”
  8. MiTM phishing attack can let attackers unlock and steal a Tesla

For the more technical

  1. About the security content of iOS 17.4 and iPadOS 17.4
  2. VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion
  3. CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity multiple authentication bypass vulnerabilities
  4. QNAP warns of critical auth bypass flaw in its NAS devices
  5. Over 100,000 infected repos found on GitHub
  6. Data scientists targeted by malicious hugging face ML models with silent backdoor
  7. 0-click account takeover on Facebook
  8. From Web3 drainer to distributed WordPress brute force attack
  9. The art of domain deception: Bifrost’s new tactic to deceive users
  10. Multistage RA World ransomware uses anti-AV tactics, exploits GPO
  11. The anatomy of an ALPHA SPIDER ransomware attack
  12. WogRAT malware exploits aNotepad (Windows, Linux)
  13. Unboxing Snake – Python infostealer lurking through messaging services
  14. GTPDOOR – A novel backdoor tailored for covert access over the roaming exchange
  15. Spam and phishing in 2023
  16. Mail in the Middle – A tool to automate spear phishing campaigns
  17. CryptoChameleon: New phishing tactics exhibited in FCC-targeted attack
  18. The Predator spyware ecosystem is not dead
  19. Predator spyware operators rebuild multi-tier infrastructure to target mobile devices
  20. Evasive Panda leverages Monlam Festival to target Tibetans
  21. TA4903: Actor spoofs U.S. government, small businesses in phishing, BEC bids

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *