IT Security Weekend Catch Up – November 24, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Meet the first Spanish AI model earning up to €10,000 per month
  2. Recognizing fake news now a required subject in California schools
  3. Anti-censorship tools are quietly disappearing into thin air in China
  4. Hacker leaks 800,000 scraped Chess.com user records
  5. The blender.org website was affected by a DDoS attack
  6. Rhysida ransomware gang claims British Library cyberattack

For the more technical

  1. CVE-2023–36025: An in-depth analysis of circumventing Windows SmartScreen security
  2. Analysis of CVE-2023-46214 in Splunk Enterprise + PoC
  3. CVE-2023-46604 (Apache ActiveMQ) exploited to infect systems with cryptominers and rootkits
  4. CrushFTP critical vulnerability CVE-2023-43177 unauthenticated remote code execution
  5. [VIDEO] Everything about full-time bug bounty
  6. Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded
  7. HrServ – Previously unknown web shell used in APT attack
  8. Attacker – hidden in plain sight for nearly six months – targeting Python developers
  9. How to fortify your Docker containers: A guide to advanced security practices
  10. A touch of pwn
  11. PlayCrypt Ransomware-as-a-Service expands threat from script kiddies and sophisticated attackers
  12. The platform matters: A comparative study on Linux and Windows ransomware attacks
  13. Are DarkGate and PikaBot the new QakBot?
  14. Unveiling LummaC2 stealer’s novel Anti-Sandbox technique: Leveraging trigonometry for human behavior detection
  15. Atomic Stealer distributed to Mac users via fake browser updates
  16. Into the trash: Analyzing LitterDrifter
  17. Diamond Sleet supply chain compromise distributes a modified CyberLink installer
  18. Israel-Hamas war spotlight: Shaking the Rust off SysJoker
  19. ParaSiteSnatcher: How malicious Chrome extensions target Brazil
  20. Social engineering attacks lure Indian users to install Android banking trojans
  21. InfectedSlurs botnet spreads Mirai via zero-days
  22. Breaking (bad) bots: Bot abuse analysis and other fraud benchmarks (PDF)

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *