Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 8 March 2024

Jorge Laurel ยท ยท2 min read ยทIssue #9

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


๐Ÿ’ณ American Express warns of a third-party breach exposing credit cards. (3/4/2024, BleepingComputer) Read more

๐ŸŽฃ Hackers use phishing to steal Windows NTLM hashes. (3/4/2024, BleepingComputer) Read more

๐Ÿ”’ GitHub battles millions of malicious repos. (3/4/2024, Dark Reading) Read more

๐Ÿ›‘ Meta faces massive outage across top social apps. (3/5/2024, TechCrunch) Read more

๐Ÿ‡ฐ๐Ÿ‡ต North Korea exploits ScreenConnect bugs with ‘ToddleShark’ malware. (3/5/2024, Dark Reading) Read more

๐Ÿšซ Google targets SEO spam with new search update. (3/5/2024, TechCrunch) Read more

๐Ÿ” Novel DNS hijacking targets investment scams. (3/5/2024, The Hacker News) Read more

๐Ÿ Apple issues urgent patch for critical attacks. (3/6/2024, CSO Online) Read more

๐Ÿ’ผ BlackCat ransomware group likely pulls an exit scam. (3/6/2024, The Hacker News) Read more

๐Ÿ’ป Hackers mine crypto using misconfigured servers. (3/6/2024, The Hacker News) Read more

โšก๏ธ Southern Company experiments with SBOM for cybersecurity. (3/6/2024, Dark Reading) Read more

๐Ÿ” Google engineer accused of stealing AI secrets for China. (3/7/2024, BleepingComputer) Read more

๐Ÿ’ธ FBI reports a record $12.5 billion lost to online crime in 2023. (3/7/2024, BleepingComputer) Read more

๐Ÿ”Œ Nation-states return to using USBs for cyberattacks. (3/7/2024, Dark Reading) Read more

๐Ÿ New Python-based Snake info stealer spreads via Facebook messages. (3/7/2024, The Hacker News) Read more

๐Ÿค– “Just for a game,” scientists create an AI drone capable of hunting and killing. (3/8/2024, Live Science) Read more

๐Ÿ•ต๏ธโ€โ™‚๏ธ Microsoft reports Russian hackers stole source code and spied on emails. (3/8/2024, Security Week) Read more

๐Ÿ’ป Stealthy Atlassian Confluence exploits enable code execution via web shells. (3/8/2024, Dark Reading) Read more

๐Ÿšจ QNAP alerts users to a critical auth bypass flaw in NAS devices. (3/8/2024, BleepingComputer) Read more

โš™๏ธ A decade post-Stuxnet, the struggle to secure OT systems and PLCs continues. (3/8/2024, Dark Reading) Read more

and finally in non-cyber or tech news…

๐Ÿš— Dodge unveils the first-ever EV muscle car. (3/5/2024, Quartz) Read more


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.