IT Security Weekend Catch Up – October 15, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Cyber cheat dupes Mumbai businessman of Rs 15.5 lakh with credit card scam, cops recover Rs 7.5 lakh
  2. Darkweb market BidenCash gives away 1.2 million credit cards for free
  3. Report: Big U.S. banks are stiffing account takeover victims
  4. Celsius exchange data dump is a gift to crypto sleuths—and thieves
  5. Toyota discloses data leak after access key exposed on GitHub
  6. Intel confirms Alder Lake BIOS source code leak, new details emerge
  7. US airports’ sites taken down in DDoS attacks by pro-Russian hackers
  8. How Wi-Fi spy drones snooped on financial firm
  9. Indian energy company Tata Power announces cyberattack affecting IT infrastructure

For the more technical

  1. Microsoft October 2022 Patch Tuesday fixes zero-day used in attacks, 84 flaws
  2. Microsoft Office 365 attacked over feeble encryption
  3. Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
  4. FortiOS, FortiProxy, and FortiSwitchManager authentication bypass technical deep dive (CVE-2022-40684)
  5. The race to native code execution in PLCs: Using RCE to uncover Siemens SIMATIC S7-1200/1500 hardcoded cryptographic keys
  6. Hacking TMNF: Part 1 – Fuzzing the game server
  7. Hacking TMNF: Part 2 – Exploiting a blind format string
  8. Analysing LastPass
  9. Signal will remove support for SMS text messages on Android
  10. Malicious WhatsApp mod distributed through legitimate apps
  11. Facebook: Protecting people from malicious account compromise apps
  12. Truth behind the Celer Network cBridge cross-chain bridge incident: BGP hijacking
  13. Cloudflare DDoS threat report 2022 Q3
  14. Project DDOSIA Russia’s answer to disBalancer
  15. The fresh phish market: Behind the scenes of the Caffeine phishing-as-a-service platform
  16. Alchimist: A new attack framework in Chinese for Mac, Linux and Windows
  17. TOAD attacks: Vishing combined with Android banking malware now targeting Italian banks
  18. A visualizza into recent IcedID
  19. Fake ransomware infection under widespread
  20. Magniber ransomware adopts JavaScript, targeting home users with fake software updates
  21. Black Basta ransomware gang infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
  22. New “Prestige” ransomware impacts organizations in Ukraine and Poland
  23. Polonium targets Israel with Creepy malware
  24. Tracking Earth Aughisky’s malware and changes
  25. LofyGang – software supply chain attackers; organized, persistent, and operating for over a year

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *