Friday Wrap Up: 8 March 2024
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
๐ณ American Express warns of a third-party breach exposing credit cards. (3/4/2024, BleepingComputer) Read more
๐ฃ Hackers use phishing to steal Windows NTLM hashes. (3/4/2024, BleepingComputer) Read more
๐ GitHub battles millions of malicious repos. (3/4/2024, Dark Reading) Read more
๐ Meta faces massive outage across top social apps. (3/5/2024, TechCrunch) Read more
๐ฐ๐ต North Korea exploits ScreenConnect bugs with ‘ToddleShark’ malware. (3/5/2024, Dark Reading) Read more
๐ซ Google targets SEO spam with new search update. (3/5/2024, TechCrunch) Read more
๐ Novel DNS hijacking targets investment scams. (3/5/2024, The Hacker News) Read more
๐ Apple issues urgent patch for critical attacks. (3/6/2024, CSO Online) Read more
๐ผ BlackCat ransomware group likely pulls an exit scam. (3/6/2024, The Hacker News) Read more
๐ป Hackers mine crypto using misconfigured servers. (3/6/2024, The Hacker News) Read more
โก๏ธ Southern Company experiments with SBOM for cybersecurity. (3/6/2024, Dark Reading) Read more
๐ Google engineer accused of stealing AI secrets for China. (3/7/2024, BleepingComputer) Read more
๐ธ FBI reports a record $12.5 billion lost to online crime in 2023. (3/7/2024, BleepingComputer) Read more
๐ Nation-states return to using USBs for cyberattacks. (3/7/2024, Dark Reading) Read more
๐ New Python-based Snake info stealer spreads via Facebook messages. (3/7/2024, The Hacker News) Read more
๐ค “Just for a game,” scientists create an AI drone capable of hunting and killing. (3/8/2024, Live Science) Read more
๐ต๏ธโโ๏ธ Microsoft reports Russian hackers stole source code and spied on emails. (3/8/2024, Security Week) Read more
๐ป Stealthy Atlassian Confluence exploits enable code execution via web shells. (3/8/2024, Dark Reading) Read more
๐จ QNAP alerts users to a critical auth bypass flaw in NAS devices. (3/8/2024, BleepingComputer) Read more
โ๏ธ A decade post-Stuxnet, the struggle to secure OT systems and PLCs continues. (3/8/2024, Dark Reading) Read more
and finally in non-cyber or tech news…
๐ Dodge unveils the first-ever EV muscle car. (3/5/2024, Quartz) Read more
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.