IT Security Weekend Catch Up – March 15, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Win against Facebook. Giant not allowed to censor content at will
  2. Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware
  3. Incognito darknet market mass-extorts buyers, sellers
  4. Russian-Canadian cybercriminal sentenced for global ransomware scheme to be extradited
  5. How the Belarusian Cyber Partisans are fighting a digital war against two dictators
  6. Russia claims US and ‘Western countries’ are trying to hack its presidential election
  7. Update on Microsoft actions following attack by nation state actor Midnight Blizzard
  8. Hacker attack on Xplain: National Cyber Security Centre publishes data analysis report
  9. Nissan confirms ransomware attack exposed data of 100,000 people
  10. After LockBit’s takedown, its purported leader vows to hack on

For the more technical

  1. Microsoft Patch Tuesday – March 2024
  2. GhostRace: Exploiting and mitigating speculative race conditions
  3. NextChat: An AI chatbot that lets you talk to anyone you want to
  4. What a cluster: Local volumes vulnerability in Kubernetes
  5. Top 10 web application vulnerabilities in 2021–2023
  6. New malware campaign found exploiting stored XSS in Popup Builder
  7. Hiding in plain sight: Introducing WebTunnel
  8. The State of Stalkerware in 2023–2024
  9. Introducing CloudGrappler: A powerful open-source threat detection tool for cloud environments
  10. BIPClip: Malicious PyPI packages target crypto wallet recovery passwords
  11. Infostealer disguised as Adobe Reader installer
  12. PixPirate: The Brazilian financial malware you can’t see
  13. Fake Leather wallet app on Apple App Store is a crypto drainer
  14. Magnet Goblin targets publicly facing servers using 1-day vulnerabilities
  15. Spinning YARN – A new Linux malware campaign targets Docker, Apache Hadoop, Redis and Confluence
  16. CVE-2024-21412: DarkGate operators exploit Microsoft Windows SmartScreen bypass in zero-day campaign
  17. Vcurms: A simple and functional weapon
  18. New multi-stage StopCrypt ransomware

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *