IT Security Weekend Catch Up – May 27, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Man convicted of blackmail and other offences
  2. Rheinmetall attacked by BlackBasta ransomware
  3. Free VPN service SuperVPN exposes 360 million user records
  4. Suspicion stalks Genesis Market’s competitors following FBI takedown
  5. The hunt for Venom Spider – part 2
  6. Leaked government document shows Spain wants to ban end-to-end encryption

For the more technical

  1. Wordfence firewall blocks bizarre large-scale XSS campaign
  2. I have no mouth, and I must do crime (PDF)
  3. BrutePrint: Expose smartphone fingerprint authentication to brute-force attack (PDF)
  4. Android app breaking bad: From legitimate screen recording to file exfiltration within a year
  5. Mercenary mayhem: A technical analysis of Intellexa’s PREDATOR spyware
  6. Exposed Quadream spyware control web panel
  7. Hacking in a war zone: Pegasus spyware in the Azerbaijan-Armenia conflict
  8. Kimsuky: Ongoing campaign using tailored reconnaissance toolkit
  9. Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
  10. People’s Republic of China state-sponsored cyber actor living off the land to evade detection (PDF)
  11. CosmicEnergy: New OT malware possibly related to Russian emergency response exercises
  12. Chinese businesses fueling the fentanyl epidemic receive tens of millions in crypto payments
  13. Crypto and the opioid crisis: What blockchain analysis reveals about global fentanyl sales
  14. The Dark Frost enigma: An unexpectedly prevalent botnet author profile
  15. Operation Magalenha: Long-running campaign pursues Portuguese credentials and PII
  16. Unmasking GUI-Vil: Financially motivated cloud threat actor
  17. #StopRansomware Guide (PDF)
  18. Buhti: New ransomware operation relies on repurposed payloads
  19. Agrius deploys Moneybird in targeted attacks against Israeli organizations
  20. Fata Morgana: Watering hole attack on shipping and logistics websites (PDF)
  21. Cloud-based malware delivery: The evolution of GuLoader
  22. Lazarus group targeting Windows IIS web servers
  23. Meet the GoldenJackal APT group. Don’t expect any howls
  24. SuperMailer abuse explodes, now responsible for 14% of all credential phish discovered in inboxes

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
