IT Security Weekend Catch Up – May 20, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Russian hacker “Wazawaka” indicted for ransomware
  2. Russian IT worker jailed for participating in pro-Ukraine DDoS attacks
  3. 18-year-old charged with hacking 60,000 DraftKings betting accounts
  4. Anti-money laundering: Council adopts rules which will make crypto-asset transfers traceable
  5. [VIDEO] How iPhone thieves lock you out of your Apple account
  6. [VIDEO] Apple’s iPhone passcode problem: Thieves can ruin your entire digital life in minutes
  7. Knocking down Hive: How the FBI ran its own ransomware decryption operation

For the more technical

  1. Bug bounties are broken – the story of “i915” bug, ChromeOS + Intel bounty programs, and beyond
  2. CVE-2023-26818 – Bypass TCC with Telegram in macOS
  3. KeePass 2.X Master Password Dumper (CVE-2023-32784)
  4. Bitwarden hits general availability
  5. Testing a new encrypted messaging app’s extraordinary claims
  6. The dangers of Google’s .zip TLD
  7. The .zip gTLD: Risks and opportunities
  8. Dangerous functionalities in Microsoft Teams enable phishing and malware delivery by attackers
  9. The growing threat from infostealers
  10. Overview of the Russian-speaking infostealer ecosystem: the logs
  11. New phishing-as-a-service tool “Greatness” already seen in the wild
  12. Ongoing MEME#4CHAN attack/phishing campaign uses meme-filled code to drop XWorm payloads
  13. Water Orthrus’s new campaigns deliver rootkit and phishing modules
  14. “FleeceGPT” mobile apps target AI-curious to rake in cash
  15. Lemon Group’s cybercriminal businesses built on preinfected devices
  16. Apple blocked 1.7 million apps for privacy, security issues in 2022
  17. Geacon brings Cobalt Strike capabilities to macOS threat actors
  18. MalasLocker ransomware targets Zimbra servers, demands charity donation
  19. Researchers tie FIN7 cybercrime family to Clop ransomware
  20. You’ve been kept in the dark (web): exposing Qilin’s RaaS program
  21. RATs found hiding in the npm attic
  22. Malspam campaign delivering PowerDash – a tiny PowerShell backdoor
  23. The dragon who sold his camaro: Analyzing custom router implant
  24. Crime finds a way: The evolution and experimentation of the cybercrime ecosystem
  25. CloudWizard APT: the bad magic story goes on
  26. Lancefly: Group uses custom backdoor to target orgs in government, aviation, other sectors
  27. APT28 leverages multiple phishing techniques to target Ukrainian civil society

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *