IT Security Weekend Catch Up – May 3, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. A recent security incident involving Dropbox Sign
  2. Humans now share the web equally with bots, report warns amid fears of the ‘dead internet’
  3. Google Play: How we fought bad apps and bad actors in 2023
  4. Sodinokibi/REvil affiliate sentenced for role in $700M ransomware scheme
  5. More than 100 arrested in Spain in $900,000 WhatsApp scheme
  6. Operation PANDORA shuts down 12 phone fraud call centres
  7. Kaspersky Lab and neural networks for Russian military drones
  8. Looking at passwords in 2024

For the more technical

  1. Tor migrates from Gitolite/GitWeb to GitLab
  2. CISA says GitLab account takeover bug is actively exploited in attacks
  3. Nearly 20% of Docker Hub repositories spread malware and phishing scams
  4. “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps
  5. 20 security issues found in Xiaomi devices
  6. HPE Aruba Networking fixes four critical RCE flaws in ArubaOS
  7. A zero-day deserialization vulnerability in the popular programming language R
  8. April updates for Windows 10 and 11 break some VPN software, Microsoft says
  9. New “Goldoon” botnet targeting D-Link devices
  10. New Latrodectus malware attacks use Microsoft, Cloudflare themes
  11. Eight arms to hold you: The Cuttlefish malware
  12. Zloader learns old tricks
  13. Playing possum: What’s the Wpeeper backdoor up to?
  14. Analysis of native process CLR hosting used by AgentTesla
  15. Malware campaign attempts abuse of defender binaries
  16. Analysis of TargetCompany’s attacks against MS-SQL servers (Mallox, BlueSky ransomware)
  17. A cunning operator: Muddling Meerkat and China’s great firewall
  18. Uncorking old wine: Zero-day from 2017 + Cobalt Strike loader in unholy alliance
  19. Router roulette: Cybercriminals and nation-states sharing compromised networks
  20. How Lazarus Group laundered $200M from 25+ crypto hacks to fiat from 2020–2023
  21. A web of surveillance: Unravelling a murky network of spyware exports to Indonesia
  22. Uncharmed: Untangling Iran’s APT42 operations

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *