Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 17 May 2024

Jorge Laurel ยท ยท4 min read ยทIssue #22

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


๐Ÿ” DNS tunneling is increasingly exploited by hackers to track phishing victims and scan networks for weaknesses (Published on 5/13/2024, BleepingComputer). Read More

๐Ÿ“ฆ A deceptive PyPi package targets Macs using Sliver pen-testing, mimicking the ‘requests’ library (Published on 5/13/2024, BleepingComputer). Read More

๐Ÿ“ž Black Basta ransomware innovates with a new vishing strategy after impacting 500 victims (Published on 5/13/2024, Dark Reading). Read More

๐Ÿ›‘ NATO establishes a “cyber red line” amid escalating tensions with Russia (Published on 5/13/2024, SecurityWeek). Read More

๐Ÿšจ Critical vulnerabilities in Cinterion cellular modems pose severe risks across various industries (Published on 5/13/2024, The Hacker News). Read More

๐Ÿ—ฃ๏ธ OpenAI’s new voice assistant ChatGPT-4o outperforms Apple’s Siri in latest reviews (Published on 5/13/2024, Business Insider). Read More

๐Ÿ†“ VMware now offers Workstation Pro and Fusion Pro for free personal use, enabling home users and students to explore virtual systems. (Published on 5/14/2024, BleepingComputer). Read More

๐Ÿšจ Nearly 900,000 individuals affected by a ransomware attack on Singing River Health System. Protect your data! (Published on 5/14/2024, BleepingComputer). Read More

โš ๏ธ Cacti network framework’s critical vulnerabilities patched, previously allowing malicious code execution. Stay updated! (Published on 5/14/2024, The Hacker News). Read More

๐Ÿ“ง Enterprises targeted in ongoing spam and phone call campaign aiming for access exploitation. Be cautious! (Published on 5/14/2024, The Hacker News). Read More

๐Ÿ›ก๏ธ Microsoft issues urgent fix for an actively exploited zero-day, among 60 security patches. Update now! (Published on 5/14/2024, SecurityWeek). Read More

๐Ÿšจ The FBI has seized the notorious BreachForums hacking forum that leaked and sold stolen corporate data to cybercriminals. (Published on 5/15/2024, BleepingComputer). Read More

๐Ÿ”’ Google releases an emergency Chrome update to fix the third zero-day vulnerability exploited in attacks within a week. (Published on 5/15/2024, BleepingComputer). Read More

โš ๏ธ Cybercriminals are using fake DocuSign templates for extortion and business email compromise. Stay cautious! (Published on 5/15/2024, Dark Reading). Read More

๐Ÿง The Ebury Linux botnet has infected over 400,000 Linux servers over 15 years, with 100,000 still compromised. (Published on 5/15/2024, SecurityWeek). Read More

๐ŸŒ Turla Group targets a European Ministry and diplomatic missions with new backdoors LunarWeb and LunarMail. (Published on 5/15/2024, The Hacker News). Read More

๐Ÿ› ๏ธ Microsoft acknowledges a new issue causing Windows Server 2019 updates to fail with 0x800f0982 errors. (Published on 5/16/2024, BleepingComputer). Read More

๐Ÿšจ Five individuals charged for cyber schemes benefiting North Korea’s nuclear weapons program. (Published on 5/16/2024, BleepingComputer). Read More

๐ŸŒ Asian threat actors exploit generative AI and supply chain attacks to target familiar victims. (Published on 5/16/2024, Dark Reading). Read More

๐Ÿ•ต๏ธ US AI experts targeted in SugarGh0st RAT campaign, likely China-affiliated. (Published on 5/16/2024, Dark Reading). Read More

๐Ÿ” Personal information stolen in a ransomware attack on the City of Wichita. (Published on 5/16/2024, SecurityWeek). Read More

๐Ÿšจ This week in ransomware: BreachForums seizure takes center stage, with a resurgence in mailbombing. (Published on 5/17/2024, BleepingComputer). Read More

๐Ÿ“ข SEC mandates financial institutions to notify individuals of data breaches within 30 days. (Published on 5/17/2024, BleepingComputer). Read More

โš ๏ธ Microsoft has yet to patch seven critical Pwn2Own zero-days; urgency is growing. (Published on 5/17/2024, Dark Reading). Read More

๐Ÿ” Former OpenAI leader critiques company, claiming safety takes a backseat to product development. (Published on 5/17/2024, SecurityWeek). Read More

๐Ÿ’ป Kinsing hacker group exploits new vulnerabilities to expand its cryptojacking botnet. (Published on 5/17/2024, The Hacker News). Read More

and finally in non-cyber or tech news…

๐ŸŽฎ A Super Mario 64 player has cracked the mystery of the ‘unopenable’ cabin door after 28 years, using a penguin and a backflip! (Published on 5/13/2024, IGN). Read More

๐Ÿš€ Discover the coolest, most unique Obi-Wan Kenobi figure yet, featuring Mandalorian armor! (Published on 5/16/2024, Gizmodo). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.