Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Russian TikTok influencers are being paid to spread Kremlin propaganda
- [VIDEO] Ukrainian hackers waging shadow war to expose Russian secrets
- Understanding Telegram’s ecosystem of far-right channels in the US
- Gold Ulrick (Conti) leaks reveal organizational structure and relationships
- One way or another: Initial access vectors
- FBI: Ransomware hit 649 critical infrastructure orgs in 2021
- Lapsus$ suspects arrested for Microsoft, Nvidia, Okta hacks
- Four Russian government employees charged in two historical hacking campaigns targeting critical infrastructure worldwide
- FBI adds Russian cybercrime market owner to most wanted list
- OVHcloud fire report: SBG2 data center had wooden ceilings, no extinguisher, and no power cut-out
- The kids online safety act is a heavy-handed plan to force platforms to spy on young people
- Leaked opinion of the Commission sets off alarm bells for mass surveillance of private communications
For the more technical
- [VIDEO] $100k Hacking any website in Safari with uXSS – a 0-day chain
- iOS hacking – a beginner’s guide to hacking iOS apps [2022 edition]
- Browser in the Browser (BITB) attack
- Countering threats from North Korea
- Navigating new frontiers – Trend Micro 2021 annual cybersecurity report (PDF)
- Phishing-kit market: what’s inside “off-the-shelf” phishing packages
- An empirically comparative analysis of ransomware binaries (PDF)
- More Conti ransomware source code leaked on Twitter out of revenge
- Large-scale npm attack targets Azure developers with malicious packages
- Cloudflare’s investigation of the January 2022 Okta compromise
- Okta’s investigation of the January 2022 compromise
- Vidar malware launcher concealed in help file
- Storm Cloud on the horizon: GIMMICK malware strikes at macOS
- Distribution of ClipBanker disguised as malware creation tool
- Clipper malware disguised as AvD crypto stealer
- Purple Fox uses new arrival vector and improves malware arsenal
- Spyware dubbed Facestealer infects 100,000+ Google Play users
- CryptoRom Bitcoin swindlers continue to target vulnerable iPhone and Android users
- DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
- New backdoor targets French entities with unique attack chain
- Suspected DarkHotel APT activity update
- Sandworm: A tale of disruption told anew
- Mustang Panda’s Hodur: Old tricks, new Korplug variant
- VT4Browsers++ Any indicator, every detail, anywhere
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.