IT Security Weekend Catch Up – March 5, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. AI is starting to pick who gets laid off
  2. YouTube video causes Pixel phones to instantly reboot
  3. LastPass: Additional details of the attack
  4. LastPass employee could’ve prevented hack with a software update
  5. The satellite hack everyone is finally talking about
  6. ICE and the Secret Service conducted illegal surveillance of cell phones
  7. We found 28,000 apps sending TikTok data. Banning the app won’t help
  8. Arrest 3 hackers involved in massive data theft and extortion scheme
  9. Card shop threat landscape: BidenCash dumps 2.1M stolen credit cards
  10. Hacker leaks alleged Activision employee data on cybercrime forum

For the more technical

  1. Secret scanning alerts are now available (and free) for all public repositories
  2. Gamers are fixing a video game ‘taken over’ by hackers
  3. Escaping misconfigured VSCode extensions
  4. John the Ripper in the cloud update
  5. Drone security and the mysterious case of DJI’s DroneID (PDF)
  6. How phishers are slinking their links into LinkedIn
  7. How NPM packages were used to spread phishing links
  8. PyPI packages used to deliver Python remote access tools
  9. Houzez theme unauthenticated privilege escalation vulnerability exploited in the wild
  10. BlackLotus UEFI bootkit: Myth confirmed
  11. Evasive cryptojacking malware targeting macOS found lurking in pirated applications
  12. Ransomware recognition tool
  13. Bitdefender releases decryptor for MortalKombat ransomware
  14. Can you see it now? An emerging LockBit campaign
  15. Exfiltrator-22 – An emerging post-exploitation framework
  16. The mobile malware threat landscape in 2022
  17. CrowdStrike’s 2023 Global Threat Report (PDF)
  18. Hackers attack employees from six law firms​ ​with the GootLoader and SocGholish malware
  19. The Ghostwriter campaign – As a multi-vector information operation 2023 (PDF)
  20. Handbook on maritime hybrid threats: 15 scenarios and legal scans (PDF)
  21. Blackfly: Espionage group targets materials technology
  22. MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *