IT Security Weekend Catch Up – September 15, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Maps that care about user privacy
  2. FBI hacker dropped stolen Airbus data on 9/11
  3. Hackers claim MGM cyberattack as outage drags into fourth day
  4. MGM casino’s ESXi servers allegedly encrypted in ransomware attack
  5. Royal Dutch Football Association confirms it paid ransom for hacked employee data
  6. Hacking Meduza: Pegasus spyware used to target Putin’s critic
  7. Phineas Fisher, hacktivism, and magic tricks
  8. When MFA isn’t actually MFA
  9. TikTok hit with €345 million fine over privacy settings for children
  10. The new Have I Been Pwned domain search subscription service
  11. Intel confirms Thunderbolt 5 name, 120Gbps tech arrives in 2024

For the more technical

  1. Microsoft September 2023 Patch Tuesday
  2. With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe?
  3. Google fixes another Chrome zero-day bug exploited in attacks
  4. Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
  5. Adobe warns of critical Acrobat and Reader zero-day exploited in attacks
  6. Uncursing the ncurses: Memory corruption vulnerabilities found in library
  7. The GitHub Actions worm: Compromising GitHub repositories through the actions dependency tree
  8. Password-stealing without hacking: Wi-Fi enabled practical keystroke eavesdropping (PDF)
  9. Container escape techniques
  10. Can’t be contained: Finding a command injection vulnerability in Kubernetes
  11. Threat landscape for industrial automation systems. Statistics for H1 2023
  12. Password-stealing Linux malware served for 3 years and no one noticed
  13. macOS MetaStealer: New family of obfuscated go infostealers spread in targeted attacks
  14. From ERMAC to Hook: Investigating the technical differences between two Android malware variants
  15. Ongoing Webex malvertising campaign drops BatLoader
  16. OriginBotnet spreads via malicious Word document
  17. RedLine/Vidar abuses EV certificates, shifts to ransomware
  18. From Caribbean shores to your devices: analyzing Cuba ransomware
  19. 3AM: New ransomware family used as fallback in failed LockBit attack
  20. Redfly: Espionage actors continue to target critical infrastructure
  21. Digital threats from East Asia increase in breadth and effectiveness
  22. Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor
  23. Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *