Friday Wrap Up: 24 May 2024
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
๐จ Microsoft introduces ‘Recall’ for Windows 11, an AI feature that records your activities for easy search. (Published on 5/20/2024, BleepingComputer). Read More
๐ก๏ธ The latest BiBi Wiper malware version now deletes the disk partition table, complicating data recovery. (Published on 5/20/2024, BleepingComputer). Read More
๐ American Radio Relay League (ARRL) suffers a cyberattack, causing disruptions and potential data breach. (Published on 5/20/2024, SecurityWeek). Read More
โ ๏ธ Critical vulnerability ‘Linguistic Lumberjack’ found in Fluent Bit utility, affecting major tech companies. (Published on 5/20/2024, SecurityWeek). Read More
๐ฑ Beware of the Antidot Trojan disguised as a Google Play update, targeting financial data with overlay attacks and keylogging. (Published on 5/20/2024, Dark Reading). Read More
๐จ Researchers reveal a critical flaw in the llama_cpp_python package, risking arbitrary code execution. Stay updated! (Published on 5/21/2024, The Hacker News). Read More
โ๏ธ New CLOUD#REVERSER attack uses Google Drive and Dropbox to deliver malware via Unicode tricks. Be cautious! (Published on 5/21/2024, The Hacker News). Read More
โ ๏ธ Rockwell Automation urges admins to take ICS devices offline amid rising malicious activity. Important advisory! (Published on 5/21/2024, BleepingComputer). Read More
๐ GitHub fixes a severe SAML auth bypass flaw in Enterprise Server, rated CVSS 10.0. Ensure your systems are secure! (Published on 5/21/2024, BleepingComputer). Read More
๐ฅ YouTube faces new phishing and deepfake threats through fake collaboration offers and malware-laden video descriptions. Stay vigilant! (Published on 5/21/2024, Dark Reading). Read More
….lets take a quick break from cyber and tech news
๐ NASA is planning a maglev railroad to transport cargo across the Moon’s surface, aiming for a long-term lunar presence. (Published on 5/21/2024, Gizmodo). Read More
๐ถ John Williams composed a special Star Wars theme for Amandla Stenberg, the new star in “The Acolyte.” (Published on 5/20/2024, Gizmodo). Read More
….and back to it
๐ Microsoft is phasing out VBScript starting in the second half of 2024, transitioning it to an on-demand feature. (Published on 5/22/2024, BleepingComputer). Read More
๐ฐ The Intercontinental Exchange will pay a $10M SEC penalty for not promptly reporting a VPN breach from April 2021. (Published on 5/22/2024, BleepingComputer). Read More
๐ A critical Veeam vulnerability allows authentication bypass; updates are now available. (Published on 5/22/2024, SecurityWeek). Read More
๐ ๏ธ Ivanti has patched critical code execution vulnerabilities in its Endpoint Manager with recent updates. (Published on 5/22/2024, SecurityWeek). Read More
๐ Spyware found on US hotel check-in computers, leaking guest information screenshots online. (Published on 5/22/2024, TechCrunch). Read More
๐ The National Vulnerability Database’s decline is due to three major factors affecting its classification of security issues. (Published on 5/23/2024, InformationWeek). Read More
๐ A new gift card scam hacks retailers’ portals to generate unlimited gift cards, modernizing an old scam. (Published on 5/23/2024, Dark Reading). Read More
๐ A Microsoft outage impacts Bing, Copilot, DuckDuckGo, and ChatGPT internet searches in some regions. (Published on 5/23/2024, BleepingComputer). Read More
๐ฑ A bug in iOS 17.5.1, not iCloud, caused deleted photos to reappear, says recent research. (Published on 5/23/2024, BleepingComputer). Read More
๐ Ransomware attacks increasingly exploit VMware ESXi vulnerabilities due to misconfigurations and inherent flaws. (Published on 5/23/2024, The Hacker News). Read More
๐ Our panel discusses why DDoS attacks remain a persistent challenge for enterprises. (Published on 5/24/2024, InformationWeek). Read More
๐ Google addresses the fourth zero-day exploit in Chrome this month. Update your browser now! (Published on 5/24/2024, The Hacker News). Read More
๐ฅ๏ธ New ShrinkLocker ransomware uses BitLocker to encrypt corporate systems, creating a new boot partition. (Published on 5/24/2024, BleepingComputer). Read More
๐ซ As the digital landscape evolves, “No” and “Good Enough” should drive innovation, not be barriers in cybersecurity. (Published on 5/24/2024, Dark Reading). Read More
๐ค Google’s AI Overview can give misleading and dangerous answers, highlighting issues in AI sourcing. (Published on 5/24/2024, Ars Technica). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!