IT Security Weekend Catch Up – September 2, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Scroll more, sleep less. A Black Mirror-inspired truck in Warsaw advertises a disturbing social network… that doesn’t exist
  2. 68k phishing victims are now searchable in Have I Been Pwned, courtesy of CERT Poland
  3. FBI, partners dismantle Qakbot infrastructure in multinational cyber takedown
  4. Unmasking Trickbot, one of the world’s top cybercrime gangs
  5. A Brazilian phone spyware was hacked and victims’ devices ‘deleted’ from server
  6. Kroll employee SIM-swapped for crypto investor data
  7. Paramount discloses data breach following security incident
  8. UN warns that hundreds of thousands in Southeast Asia have been roped into online scams
  9. All the latest cyberbullying statistics for 2023
  10. Google Meet’s new AI will be able to go to meetings for you
  11. ChatGPT-maker OpenAI accused of string of data protection breaches in GDPR complaint filed by privacy researcher
  12. Impending French law threatens the free internet, Mozilla warns

For the more technical

  1. Hackers can silently grab your IP through Skype. Microsoft is in no rush to fix it
  2. Multiple Notepad++ flaws let attackers execute arbitrary code
  3. Methods to backdoor an AWS account
  4. Introducing proof-of-work defense for onion services
  5. Law enforcement takes down Qakbot
  6. Updated Kmsdx binary shows KmsdBot is targeting the IoT landscape
  7. DreamBus botnet resurfaces, targets RocketMQ vulnerability
  8. From Hidden Bee to Rhadamanthys – The evolution of custom executable formats
  9. IT threat evolution in Q2 2023. Mobile & non-mobile statistics
  10. Stealthy Android malware MMRat carries out bank fraud via fake app stores
  11. BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps
  12. New hierarchy, heightened threat: Classiscam’s sustained global campaign
  13. Attacks on Citrix NetScaler systems linked to ransomware actor
  14. Technical summary of observed Citrix CVE-2023-3519 incidents
  15. MalDoc in PDF – Detection bypass by embedding a malicious Word file into a PDF file
  16. SapphireStealer: Open-source information stealer enables credential and data theft
  17. HTML smuggling leads to domain wide ransomware
  18. Decrypting Key Group ransomware: emerging financially motivated cyber crime gang
  19. Threat actors target MSSQL servers in DB#JAMMER to deliver FreeWorld ransomware
  20. Shining some light on the DarkGate loader
  21. Lazarus group exploits ManageEngine vulnerability to deploy QuiteRAT
  22. GRU hackers attack Ukrainian military with new Android malware (PDF)
  23. Earth Estries targets government, tech for cyberespionage

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *