IT Security Weekend Catch Up – September 6, 2024

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Fool me once: Russian influence operation Doppelganger continues on X and Facebook (PDF)
  2. How Navy chiefs conspired to get themselves illegal warship Wi-Fi
  3. Sextortion scams now include photos of your home
  4. Hackers linked to Russia and Belarus increasingly target Latvian websites, officials say
  5. Halliburton cyberattack linked to RansomHub ransomware gang
  6. Justice Department disrupts covert Russian government-sponsored foreign malign influence operation
  7. Website operators promised fraudsters profit within minutes if they subscribed to illegal service
  8. Dutch privacy watchdog fines Clearview AI $34 million for ‘illegal’ database of faces
  9. The Internet Archive loses its appeal of a major copyright case
  10. Docker-OSX image used for security research hit by Apple DMCA takedown
  11. Telegram quietly updates website to allow abuse reports following founder’s arrest
  12. Take action to stop chat control now!

For the more technical

  1. Exploiting Exchange PowerShell after ProxyNotShell: Part 1 – MultiValuedProperty
  2. EUCLEAK: Side-channel attack on the YubiKey 5 series (PDF)
  3. Microsoft Copilot: From prompt injection to exfiltration of personal information
  4. Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk
  5. IT threat evolution Q2 2024. Non-mobile & mobile statistics
  6. TLD tracker: Exploring newly released top-level domains
  7. Deep analysis of Snake keylogger’s new variant
  8. Banking trojans: Mekotio looks to expand targets, BBTok abuses utility command
  9. Mallox ransomware: in-depth analysis and evolution
  10. Dissecting the Cicada
  11. Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads
  12. Unpacking the unpleasant FIN7 gift: PackXOR
  13. Emansrepo stealer: Multi-vector attack chains
  14. Luxy: A stealer and a ransomware in one
  15. CyberVolk ransomware technical & malware analysis
  16. Earth Lusca uses KTLVdoor backdoor for multiplatform intrusion
  17. Recent dllFake activity shares code with SecondEye
  18. Silent intrusions: Godzilla fileless backdoors targeting Atlassian Confluence
  19. Spoofed GlobalProtect used to deliver unique WikiLoader variant
  20. Predator spyware infrastructure returns following exposure and sanctions
  21. Chinese state-linked influence operation Spamouflage masquerades as U.S. voters to push divisive online narratives ahead of 2024 election
  22. Russian military cyber actors target US and global critical infrastructure
  23. The emerging dynamics of deepfake scam campaigns on the web

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *