IT Security Weekend Catch Up – September 30, 2023

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Generative AI being tested for use in Singapore Courts, starting with small claims tribunal
  2. All thanks to ‘Big Yellow Taxi’: How State discovered Chinese hackers reading its emails
  3. Russian hackers target Ukrainian government systems involved in war crimes investigations
  4. Israel allows police to use Pegasus spyware to probe killings of Palestinian citizens
  5. Air Canada discloses data breach of employee and ‘certain records’
  6. LastPass: ‘Horse Gone Barn Bolted’ is strong password

For the more technical

  1. New 0-day in Chrome and Firefox will likely plague other software
  2. (0day) Exim AUTH out-of-bounds write remote code execution vulnerability
  3. People’s Republic of China-linked cyber actors hide in router firmware
  4. Source code at risk: Critical code vulnerability in CI/CD platform TeamCity
  5. GPUs from all major suppliers are vulnerable to new pixel-stealing attack
  6. The Marvin Attack on RSA
  7. QR codes in email phishing
  8. Malicious ad served inside Bing’s AI chatbot
  9. Introducing: Raspberry Pi 5
  10. When Dependabot contributes malicious code
  11. Stealth Falcon preying over Middle Eastern skies with Deadglyph
  12. ‘’ in the spotlight – What is known about the ransomware group targeting major japanese businesses
  13. Two or more ransomware variants impacting the same victims and data destruction trends
  14. Dusting for fingerprints: ShadowSyndicate, a new RaaS player?
  15. ‘Snatch’ ransom group exposes visitor IP addresses
  16. ZenRAT: Malware brings more chaos than calm
  17. Bumblebee loader resurfaces in new campaign
  18. APT34 deploys phishing attack with new malware
  19. Budworm: APT group uses updated custom tool in attacks on government and telecoms org
  20. APT29’s rapidly evolving diplomatic phishing operations
  21. Dark River. You can’t see them, but they’re there
  22. Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *