Friday Wrap Up: 17 May 2024
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
๐ DNS tunneling is increasingly exploited by hackers to track phishing victims and scan networks for weaknesses (Published on 5/13/2024, BleepingComputer). Read More
๐ฆ A deceptive PyPi package targets Macs using Sliver pen-testing, mimicking the ‘requests’ library (Published on 5/13/2024, BleepingComputer). Read More
๐ Black Basta ransomware innovates with a new vishing strategy after impacting 500 victims (Published on 5/13/2024, Dark Reading). Read More
๐ NATO establishes a “cyber red line” amid escalating tensions with Russia (Published on 5/13/2024, SecurityWeek). Read More
๐จ Critical vulnerabilities in Cinterion cellular modems pose severe risks across various industries (Published on 5/13/2024, The Hacker News). Read More
๐ฃ๏ธ OpenAI’s new voice assistant ChatGPT-4o outperforms Apple’s Siri in latest reviews (Published on 5/13/2024, Business Insider). Read More
๐ VMware now offers Workstation Pro and Fusion Pro for free personal use, enabling home users and students to explore virtual systems. (Published on 5/14/2024, BleepingComputer). Read More
๐จ Nearly 900,000 individuals affected by a ransomware attack on Singing River Health System. Protect your data! (Published on 5/14/2024, BleepingComputer). Read More
โ ๏ธ Cacti network framework’s critical vulnerabilities patched, previously allowing malicious code execution. Stay updated! (Published on 5/14/2024, The Hacker News). Read More
๐ง Enterprises targeted in ongoing spam and phone call campaign aiming for access exploitation. Be cautious! (Published on 5/14/2024, The Hacker News). Read More
๐ก๏ธ Microsoft issues urgent fix for an actively exploited zero-day, among 60 security patches. Update now! (Published on 5/14/2024, SecurityWeek). Read More
๐จ The FBI has seized the notorious BreachForums hacking forum that leaked and sold stolen corporate data to cybercriminals. (Published on 5/15/2024, BleepingComputer). Read More
๐ Google releases an emergency Chrome update to fix the third zero-day vulnerability exploited in attacks within a week. (Published on 5/15/2024, BleepingComputer). Read More
โ ๏ธ Cybercriminals are using fake DocuSign templates for extortion and business email compromise. Stay cautious! (Published on 5/15/2024, Dark Reading). Read More
๐ง The Ebury Linux botnet has infected over 400,000 Linux servers over 15 years, with 100,000 still compromised. (Published on 5/15/2024, SecurityWeek). Read More
๐ Turla Group targets a European Ministry and diplomatic missions with new backdoors LunarWeb and LunarMail. (Published on 5/15/2024, The Hacker News). Read More
๐ ๏ธ Microsoft acknowledges a new issue causing Windows Server 2019 updates to fail with 0x800f0982 errors. (Published on 5/16/2024, BleepingComputer). Read More
๐จ Five individuals charged for cyber schemes benefiting North Korea’s nuclear weapons program. (Published on 5/16/2024, BleepingComputer). Read More
๐ Asian threat actors exploit generative AI and supply chain attacks to target familiar victims. (Published on 5/16/2024, Dark Reading). Read More
๐ต๏ธ US AI experts targeted in SugarGh0st RAT campaign, likely China-affiliated. (Published on 5/16/2024, Dark Reading). Read More
๐ Personal information stolen in a ransomware attack on the City of Wichita. (Published on 5/16/2024, SecurityWeek). Read More
๐จ This week in ransomware: BreachForums seizure takes center stage, with a resurgence in mailbombing. (Published on 5/17/2024, BleepingComputer). Read More
๐ข SEC mandates financial institutions to notify individuals of data breaches within 30 days. (Published on 5/17/2024, BleepingComputer). Read More
โ ๏ธ Microsoft has yet to patch seven critical Pwn2Own zero-days; urgency is growing. (Published on 5/17/2024, Dark Reading). Read More
๐ Former OpenAI leader critiques company, claiming safety takes a backseat to product development. (Published on 5/17/2024, SecurityWeek). Read More
๐ป Kinsing hacker group exploits new vulnerabilities to expand its cryptojacking botnet. (Published on 5/17/2024, The Hacker News). Read More
and finally in non-cyber or tech news…
๐ฎ A Super Mario 64 player has cracked the mystery of the ‘unopenable’ cabin door after 28 years, using a penguin and a backflip! (Published on 5/13/2024, IGN). Read More
๐ Discover the coolest, most unique Obi-Wan Kenobi figure yet, featuring Mandalorian armor! (Published on 5/16/2024, Gizmodo). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.