Friday Wrap Up: 26 April 2024
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
π MITRE, renowned for its cybersecurity frameworks, was compromised using MITRE techniques and Ivanti bugs (Published on 4/22/2024, Dark Reading). Read More
π¨οΈ Russia’s APT28 targeted Windows Print Spooler to introduce ‘GooseEgg’ malware, unknown until now (Published on 4/22/2024, The Hacker News). Read More
π΅οΈβοΈ ToddyCat hackers exploit advanced tools to steal data from governments on an industrial scale (Published on 4/22/2024, The Hacker News). Read More
π‘οΈ CrushFTP addresses a zero-day flaw allowing attackers to access system files (Published on 4/22/2024, SecurityWeek). Read More
π Ransomware victims often face repeat attacks, highlighting persistent cybersecurity threats (Published on 4/22/2024, The Hacker News). Read More
π½ North Korean hackers manipulate eScan antivirus updates to deploy GuptiMiner malware across major networks (Published on 4/23/2024, BleepingComputer). Read More
π CoralRaider campaign leverages CDN cache to distribute info-stealing malware in multiple countries (Published on 4/23/2024, BleepingComputer). Read More
π Hackers exploit Git CDNs to create phishing links using ghost comments, eluding detection (Published on 4/23/2024, Dark Reading). Read More
π₯ Siemens industrial products affected by an exploited Palo Alto Networks firewall vulnerability (Published on 4/23/2024, SecurityWeek). Read More
π΅ US offers a $10 million bounty for information on Iranian hackers targeting government and defense sectors (Published on 4/23/2024, SecurityWeek). Read More
let’s take a break from cyber and tech news….
π Study reveals bioluminescence dates back over half a billion years, shedding light on its evolution (Published on 4/23/2024, Gizmodo). Read More
π Voyager 1 sends first clear message in months, signaling a restoration of data communication with NASA (Published on 4/23/2024, Inverse). Read More
now back to cyber and tech news
π¨ Public exploit released for critical Flowmon vulnerability in Progress Flowmon. Patch urgently recommended (Published on 4/24/2024, BleepingComputer). Read More
π΅οΈβοΈ Iranian hackers orchestrate a multi-year cyber espionage campaign against US military and government entities (Published on 4/24/2024, Dark Reading). Read More
π₯ Cisco alerts about ‘ArcaneDoor’ zero-days in ASA firewalls, impacting telecom and energy sectors (Published on 4/24/2024, SecurityWeek). Read More
π» eScan antivirus update mechanism exploited to install backdoors and miners, potentially linked to North Korean hackers (Published on 4/24/2024, The Hacker News). Read More
π Ring users receive $5.6 million settlement from FTC for privacy breaches involving unauthorized video access (Published on 4/24/2024, BleepingComputer). Read More
π New Android malware, “Brokewell,” captures all user interactions on devices, posing severe security threats. (Published on 4/25/2024, BleepingComputer). Read More
π¨ Over 1,400 CrushFTP servers are at risk due to a critical bug being actively exploited. (Published on 4/25/2024, BleepingComputer). Read More
π Most Chinese keyboard apps are vulnerable to eavesdropping, affecting 1 billion users. (Published on 4/25/2024, Dark Reading). Read More
π£ New phishing attacks use Autodesk Drive to target corporate users with malicious PDFs. (Published on 4/25/2024, SecurityWeek). Read More
π΅οΈβοΈ North Korea’s Lazarus Group launches new Kaolin RAT malware through fake job offers. (Published on 4/25/2024, The Hacker News). Read More
π Palo Alto Networks shares urgent remediation for the critical PAN-OS flaw, CVE-2024-3400, now under active attack. (Published on 4/26/2024, The Hacker News). Read More
π Final phase of digital transformation emphasizes data modernization with new tools and technologies. (Published on 4/26/2024, informationweek). Read More
π‘ Telegram currently down globally, showing “Connecting” errorβusers unable to access services. (Published on 4/26/2024, BleepingComputer). Read More
π¨ Kaiser Permanente announces data breach potentially impacting 13.4 million U.S. patients. (Published on 4/26/2024, BleepingComputer). Read More
π Over 90k IP addresses hit by self-spreading PlugX USB drive malware. (Published on 4/26/2024, SecurityWeek). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.