IT Security Weekend Catch Up – September 16, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Human trafficking’s newest abuse: Forcing victims into cyberscamming
  2. Ethereum completes the “Merge,” which ends mining and cuts energy use by 99.95%
  3. UK provisionally approves $8.1B NortonLifeLock-Avast merger, citing competition from Microsoft
  4. FCC proposes cybersecurity changes to emergency alert system
  5. Cisco confirms Yanluowang ransomware leaked stolen company data
  6. Fears grow of Russian spies turning to industrial espionage

For the more technical

  1. Microsoft September 2022 Patch Tuesday
  2. Binarly finds six high severity firmware vulnerabilities in HP enterprise devices
  3. Contec FLEXLAN FXA2000 and FXA3000 series vulnerability report
  4. Yubikey madness
  5. Use-after-freedom: MiraclePtr
  6. Performance regression in Linux kernel 5.19
  7. TickTock: Detecting microphone status in laptops leveraging electromagnetic leakage of clock signals (PDF)
  8. New attack can unlock and start a Tesla Model Y in seconds (PDF)
  9. Say hello to crazy thin ‘deep insert’ ATM skimmers
  10. Record-breaking DDoS attack in Europe
  11. Nearly 5 million attacks blocked targeting 0-day in BackupBuddy plugin
  12. Hackers use the browser-in-the-browser technique to steal Steam accounts
  13. Magento vendor Fishpig hacked, backdoors added
  14. Prompt injection attacks against GPT-3
  15. “GIFShell” — covert attack chain and C2 utilizing Microsoft Teams GIFs
  16. Phishing campaign targets Greek banking users
  17. Undermining Microsoft Teams security by mining tokens
  18. It’s time to PuTTY! DPRK job opportunity phishing via WhatsApp
  19. Self-spreading stealer attacks gamers via YouTube
  20. Opsec mistakes reveal Cobalt Mirage threat actors
  21. Lorenz ransomware group cracks MiVoice and calls back for free
  22. Webworm: Espionage attackers testing and using older modified RATs
  23. OriginLogger: A look at Agent Tesla’s successor
  24. Ransomware developers turn to intermittent encryption to evade detection
  25. You never walk alone: The SideWalk backdoor gets a Linux variant
  26. TA453 uses multi-persona impersonation to capitalize on FOMO
  27. Pro-Palestinian hacking group compromises Berghof PLCs in Israel
  28. Gamaredon APT targets Ukrainian government agencies in new campaign

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *