IT Security Weekend Catch Up – September 20, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Leaked files from Putin’s troll factory: How Russia manipulated European elections
  2. Continued developments in propaganda and disinformation regulations
  3. Hezbollah vows to punish Israel after pager explosions across Lebanon
  4. Second wave of exploding devices raises fears of wider Israel-Lebanon conflict
  5. Did a Chinese university hacking competition target a real victim?
  6. Russia leverages cyber proxies and Volga Flood assets in expansive influence efforts
  7. LinkedIn is training AI models on your data
  8. AFP Operation Kraken charges alleged head of global organised crime app
  9. Germany shuts down 47 cryptocurrency exchange services used by cybercriminals
  10. Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America
  11. Tor says it’s “still safe” amid reports of police deanonymizing users

For the more technical

  1. PKfail two months later: Reflecting on the impact
  2. Exploit code released for critical Ivanti RCE flaw, patch now
  3. D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers
  4. Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk
  5. GitHub notification emails hijacked to send malware
  6. WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution
  7. Highway Blobbery: Data theft using Azure Storage Explorer
  8. Discovering Splinter: A first look at a new post-exploitation Red Team tool
  9. How Ransomhub ransomware uses EDRKillShifter to disable EDR and antivirus protections
  10. Hadooken malware targets Weblogic applications
  11. Exotic SambaSpy is now dancing with Italian users
  12. Derailing The Raptor Train
  13. “Marko Polo” navigates uncharted waters with infostealer empire
  14. Go injector leading to stealers
  15. An offer you can refuse: UNC2970 backdoor deployment using trojanized PDF reader
  16. Storm clouds on the horizon: Resurgence of TeamTNT?
  17. UNC1860 and the Temple of Oats: Iran’s hidden hand in Middle Eastern networks
  18. Earth Baxia uses spear-phishing and GeoServer exploit to target APAC

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *