Friday Wrap Up: 7 June 2024
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
๐จ A massive trove of 361 million stolen accounts has been added to Have I Been Pwned. Check if your accounts are compromised! (Published on 6/3/2024, BleepingComputer). Read More
๐ Security researchers discovered a high-severity vulnerability in Azure Service Tags, but Microsoft disagrees. (Published on 6/3/2024, BleepingComputer). Read More
โ Snowflake denies responsibility for the Ticketmaster and Santander breaches, admitting only to an ex-employee account compromise. (Published on 6/3/2024, InformationWeek). Read More
๐ AI and cloud computing are converging to revolutionize innovation and productivity. Organizations must adapt to lead in this new era. (Published on 6/3/2024, InformationWeek). Read More
๐จ DarkGate malware shifts from AutoIt to AutoHotkey to evade detection. Stay vigilant! (Published on 6/4/2024, The Hacker News). Read More
๐ง Cox patches vulnerabilities that exposed millions of modems to remote hacking risks. (Published on 6/4/2024, SecurityWeek). Read More
๐ Ticketmaster breach highlights critical SaaS data security risks. (Published on 6/4/2024, Dark Reading). Read More
โ ๏ธ Invasive tracking on sensitive support websites shares users’ data with advertisers. (Published on 6/4/2024, Computer Weekly). Read More
๐ฑ๐ป TikTok fixes zero-day bug that hijacked high-profile accounts via direct messages. (Published on 6/4/2024, BleepingComputer). Read More
๐ ‘NsaRescueAngel’ backdoor account found again in Zyxel products, allowing remote code execution. (Published on 6/5/2024, SecurityWeek). Read More
๐ฑ Celebrity TikTok accounts compromised using a zero-click attack via DMs. (Published on 6/5/2024, The Hacker News). Read More
๐ง Kali Linux 2024.2 released with 18 new tools and Y2038 bug fixes. (Published on 6/5/2024, BleepingComputer). Read More
๐ก๏ธ Club Penguin fans breached Disney Confluence server, stealing 2.5GB of data. (Published on 6/5/2024, BleepingComputer). Read More
๐ FBI finds 7,000 LockBit decryption keys in major blow to ransomware gang. (Published on 6/6/2024, ComputerWeekly.com). Read More
๐ Muhstik botnet exploiting Apache RocketMQ flaw to scale up DDoS attacks. (Published on 6/6/2024, The Hacker News). Read More
โ ๏ธ Google and Microsoft warn of high cyber risks from Russian actors targeting the 2024 Paris Olympics. (Published on 6/6/2024, SecurityWeek). Read More
๐ ๏ธ Gitloker attacks wiping GitHub repos in new extortion scheme. (Published on 6/6/2024, BleepingComputer). Read More
๐ธ PandaBuy pays ransom to hacker only to face repeated extortion. (Published on 6/6/2024, BleepingComputer). Read More
๐ Microsoft makes Recall feature off-by-default after security and privacy backlash, adds encryption and Windows Hello authentication. (Published on 6/7/2024, Ars Technica). Read More
โ๏ธ ‘Sticky Werewolf’ APT targets aviation sector for high-value intelligence. (Published on 6/7/2024, Dark Reading). Read More
๐ฅ๏ธ LightSpy spyware’s macOS variant discovered with advanced surveillance capabilities. (Published on 6/7/2024, The Hacker News). Read More
๐ข TikTok zero-day patch, DMM Bitcoin hack, and free VPN app analysis highlight significant cybersecurity events. (Published on 6/7/2024, SecurityWeek). Read More
and finally in non-cyber or tech news I have a some Stars Wars tidbits to accompany the premiere of the The Acolyte series this week…
๐ The Acolyte explores new mysteries in the Star Wars universe. (Published on 6/5/2024, Gizmodo). Read More
โจ Ranking Han Solo in Carbonite collectibles โ from Funko to Hasbro! Join in on this unique journey. (Published on 6/5/2024, Gizmodo). Read More
๐ The Acolyte fought hard to get its one big iconic Star Wars line, blending new ground with classic nods. (Published on 6/5/2024, Gizmodo). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.