IT Security Weekend Catch Up – October 22, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Sold to gangs, forced to run online scams: inside Cambodia’s cybercrime crisis
  2. Israeli officer reveals intricate details of IDF’s first ever cyberattack
  3. International crackdown on West-African financial crime rings
  4. Prison inmate accused of orchestrating $11M fraud using cell cellphone
  5. 31 arrested for stealing cars by hacking keyless tech
  6. Brazilian police announce arrest of alleged Lapsus$ member
  7. Two men sentenced for nationwide scheme to steal social media accounts and cryptocurrency
  8. Police tricks DeadBolt ransomware out of 155 decryption keys
  9. Wi-Fine. It is fine to use public Wi-Fi, even without a VPN
  10. The hunt for Wikipedia’s disinformation moles

For the more technical

  1. Almost 900 servers hacked using Zimbra zero-day flaw
  2. Experts downplay reach of Apache bug ‘Text4Shell’
  3. CVE-2022-42889: Keep calm and stop saying “4Shell”
  4. Microsoft Office 365 Message Encryption insecure mode of operation
  5. Microsoft Office Online Server remote code execution
  6. Sensitive data of 65,000+ entities in 111 countries leaked due to a single misconfigured data bucket
  7. Pwning a DrayTek Router before getting it out of the box (PDF)
  8. Hackers exploit critical VMware flaw to drop ransomware, miners
  9. Analysis of a remote code execution (RCE) vulnerability in Cobalt Strike 4.7.1
  10. TOTP for 2FA is incredibly easy to implement. So what’s your excuse?
  11. Private npm packages disclosed via timing attacks
  12. Online file converter phishing page spreads RedLine stealer
  13. AI-driven ‘thermal attack’ system reveals passwords in seconds
  14. Writing an independent malware
  15. RedEye: Red Team C2 log visualization
  16. New fully undetectable PowerShell backdoor
  17. New malicious clicker found in apps installed by 20M+ users
  18. A detailed analysis of the Gafgyt malware targeting IoT devices
  19. From RM3 to LDR4: URSNIF leaves banking fraud behind
  20. Ransom Cartel ransomware: A possible connection with REvil
  21. Domestic Kitten campaign spying on Iranian citizens with new FurBall malware

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *