IT Security Weekend Catch Up – May 18, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Israeli spyware firm NSO Group drags researchers to court
  2. Proton Mail discloses user data leading to arrest in Spain
  3. The Post Millennial hack leaked data impacting 26 million people
  4. Feds seize BreachForums platform, Telegram page
  5. Two brothers arrested for attacking Ethereum blockchain and stealing $25M in cryptocurrency
  6. Developer of Tornado Cash gets jail sentence for laundering billions of dollars in cryptocurrency
  7. INC ransomware source code selling on hacking forums for $300,000
  8. I/O 2024: What’s new in Android security and privacy
  9. Apple and Google join forces to stop unwanted tracking
  10. Intel’s Thunderbolt Share lets two PCs control each other over a USB cable
  11. VMware Fusion, Workstation now free for home use, subscription-only for businesses

For the more technical

  1. Microsoft May 2024 Patch Tuesday
  2. QakBot attacks with Windows zero-day (CVE-2024-30051)
  3. Apple patches everything: macOS, iOS, iPadOS, watchOS, tvOS updated
  4. Google Chrome emergency update fixes 6th zero-day exploited in 2024
  5. Detecting compromise of CVE-2024-3400 on Palo Alto Networks GlobalProtect devices
  6. Send()-ing myself belated Christmas gifts – GitHub.com’s environment variables & GHES shell
  7. New WiFi vulnerability: The SSID Confusion attack
  8. Lethal Injection: How we hacked Microsoft’s healthcare chat bot
  9. Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
  10. Invisible optical adversarial stripes on traffic sign against autonomous vehicles
  11. GoTo Meeting loads Remcos RAT via Rust shellcode loader
  12. GitCaught: Threat actor leverages GitHub repository for malicious infrastructure
  13. Mallox affiliate leverages PureCrypter in MS-SQL exploitation campaigns
  14. Foxit PDF “flawed design” exploitation
  15. CISA: Black Basta ransomware breached over 500 orgs worldwide
  16. State of ransomware in 2024
  17. ESET APT Activity Report Q4 2023–Q1 2024
  18. To the Moon and back(doors): Lunar landing in diplomatic missions
  19. Waterbear and Deuterbear – two of the tools in Earth Hundun’s arsenal
  20. Springtail: New Linux backdoor added to toolkit
  21. FIN7 uses trusted brands and sponsored Google Ads to distribute MSIX payloads

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *