Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 7 June 2024

Jorge Laurel ยท ยท4 min read ยทIssue #25

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


๐Ÿšจ A massive trove of 361 million stolen accounts has been added to Have I Been Pwned. Check if your accounts are compromised! (Published on 6/3/2024, BleepingComputer). Read More

๐Ÿ”’ Security researchers discovered a high-severity vulnerability in Azure Service Tags, but Microsoft disagrees. (Published on 6/3/2024, BleepingComputer). Read More

โ— Snowflake denies responsibility for the Ticketmaster and Santander breaches, admitting only to an ex-employee account compromise. (Published on 6/3/2024, InformationWeek). Read More

๐Ÿš€ AI and cloud computing are converging to revolutionize innovation and productivity. Organizations must adapt to lead in this new era. (Published on 6/3/2024, InformationWeek). Read More

๐Ÿšจ DarkGate malware shifts from AutoIt to AutoHotkey to evade detection. Stay vigilant! (Published on 6/4/2024, The Hacker News). Read More

๐Ÿ”ง Cox patches vulnerabilities that exposed millions of modems to remote hacking risks. (Published on 6/4/2024, SecurityWeek). Read More

๐Ÿ” Ticketmaster breach highlights critical SaaS data security risks. (Published on 6/4/2024, Dark Reading). Read More

โš ๏ธ Invasive tracking on sensitive support websites shares users’ data with advertisers. (Published on 6/4/2024, Computer Weekly). Read More

๐Ÿฑ๐Ÿ’ป TikTok fixes zero-day bug that hijacked high-profile accounts via direct messages. (Published on 6/4/2024, BleepingComputer). Read More

๐Ÿ” ‘NsaRescueAngel’ backdoor account found again in Zyxel products, allowing remote code execution. (Published on 6/5/2024, SecurityWeek). Read More

๐Ÿ“ฑ Celebrity TikTok accounts compromised using a zero-click attack via DMs. (Published on 6/5/2024, The Hacker News). Read More

๐Ÿง Kali Linux 2024.2 released with 18 new tools and Y2038 bug fixes. (Published on 6/5/2024, BleepingComputer). Read More

๐Ÿ›ก๏ธ Club Penguin fans breached Disney Confluence server, stealing 2.5GB of data. (Published on 6/5/2024, BleepingComputer). Read More

๐Ÿ”“ FBI finds 7,000 LockBit decryption keys in major blow to ransomware gang. (Published on 6/6/2024, ComputerWeekly.com). Read More

๐Ÿ™ Muhstik botnet exploiting Apache RocketMQ flaw to scale up DDoS attacks. (Published on 6/6/2024, The Hacker News). Read More

โš ๏ธ Google and Microsoft warn of high cyber risks from Russian actors targeting the 2024 Paris Olympics. (Published on 6/6/2024, SecurityWeek). Read More

๐Ÿ› ๏ธ Gitloker attacks wiping GitHub repos in new extortion scheme. (Published on 6/6/2024, BleepingComputer). Read More

๐Ÿ’ธ PandaBuy pays ransom to hacker only to face repeated extortion. (Published on 6/6/2024, BleepingComputer). Read More

๐Ÿ”’ Microsoft makes Recall feature off-by-default after security and privacy backlash, adds encryption and Windows Hello authentication. (Published on 6/7/2024, Ars Technica). Read More

โœˆ๏ธ ‘Sticky Werewolf’ APT targets aviation sector for high-value intelligence. (Published on 6/7/2024, Dark Reading). Read More

๐Ÿ–ฅ๏ธ LightSpy spyware’s macOS variant discovered with advanced surveillance capabilities. (Published on 6/7/2024, The Hacker News). Read More

๐Ÿ“ข TikTok zero-day patch, DMM Bitcoin hack, and free VPN app analysis highlight significant cybersecurity events. (Published on 6/7/2024, SecurityWeek). Read More

and finally in non-cyber or tech news I have a some Stars Wars tidbits to accompany the premiere of the The Acolyte series this week…

๐ŸŒŒ The Acolyte explores new mysteries in the Star Wars universe. (Published on 6/5/2024, Gizmodo). Read More

โœจ Ranking Han Solo in Carbonite collectibles โ€“ from Funko to Hasbro! Join in on this unique journey. (Published on 6/5/2024, Gizmodo). Read More

๐ŸŒŒ The Acolyte fought hard to get its one big iconic Star Wars line, blending new ground with classic nods. (Published on 6/5/2024, Gizmodo). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.