IT Security Weekend Catch Up – March 26, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Russian TikTok influencers are being paid to spread Kremlin propaganda
  2. [VIDEO] Ukrainian hackers waging shadow war to expose Russian secrets
  3. Understanding Telegram’s ecosystem of far-right channels in the US
  4. Gold Ulrick (Conti) leaks reveal organizational structure and relationships
  5. One way or another: Initial access vectors
  6. FBI: Ransomware hit 649 critical infrastructure orgs in 2021
  7. Lapsus$ suspects arrested for Microsoft, Nvidia, Okta hacks
  8. Four Russian government employees charged in two historical hacking campaigns targeting critical infrastructure worldwide
  9. FBI adds Russian cybercrime market owner to most wanted list
  10. OVHcloud fire report: SBG2 data center had wooden ceilings, no extinguisher, and no power cut-out
  11. The kids online safety act is a heavy-handed plan to force platforms to spy on young people
  12. Leaked opinion of the Commission sets off alarm bells for mass surveillance of private communications

For the more technical

  1. [VIDEO] $100k Hacking any website in Safari with uXSS – a 0-day chain
  2. iOS hacking – a beginner’s guide to hacking iOS apps [2022 edition]
  3. Browser in the Browser (BITB) attack
  4. Countering threats from North Korea
  5. Navigating new frontiers – Trend Micro 2021 annual cybersecurity report (PDF)
  6. Phishing-kit market: what’s inside “off-the-shelf” phishing packages
  7. An empirically comparative analysis of ransomware binaries (PDF)
  8. More Conti ransomware source code leaked on Twitter out of revenge
  9. Large-scale npm attack targets Azure developers with malicious packages
  10. Cloudflare’s investigation of the January 2022 Okta compromise
  11. Okta’s investigation of the January 2022 compromise
  12. Vidar malware launcher concealed in help file
  13. Storm Cloud on the horizon: GIMMICK malware strikes at macOS
  14. Distribution of ClipBanker disguised as malware creation tool
  15. Clipper malware disguised as AvD crypto stealer
  16. Purple Fox uses new arrival vector and improves malware arsenal
  17. Spyware dubbed Facestealer infects 100,000+ Google Play users
  18. CryptoRom Bitcoin swindlers continue to target vulnerable iPhone and Android users
  19. DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
  20. New backdoor targets French entities with unique attack chain
  21. Suspected DarkHotel APT activity update
  22. Sandworm: A tale of disruption told anew
  23. Mustang Panda’s Hodur: Old tricks, new Korplug variant
  24. VT4Browsers++ Any indicator, every detail, anywhere

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *