Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 9 August 2024

Jorge Laurel ยท ยท4 min read ยทIssue #37

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


๐Ÿšจ The Hunters International ransomware group is using the new SharpRhino malware to target IT workers and breach corporate networks. (Published on 8/5/2024, BleepingComputer). Read More

๐Ÿ” One in five enterprise IT admins report state-sponsored attacks aiming to infiltrate their supply chains. (Published on 8/5/2024, Malware Analysis). Read More

๐Ÿ›ก๏ธ AWS’s new ‘Mithra’ neural network is enhancing the prediction and blocking of malicious domains with impressive speed. (Published on 8/5/2024, SecurityWeek). Read More

โš ๏ธ Chinese cyberattack exploiting a 2018 Microsoft vulnerability prompts a new alert from CISA. (Published on 8/5/2024, Computer Weekly). Read More

๐Ÿ“ฑ Google patches a critical Android kernel zero-day exploited in targeted attacks, part of 46 vulnerabilities addressed this month. (Published on 8/5/2024, BleepingComputer). Read More

๐ŸŽฏ Hunters International ransomware group is using the SharpRhino RAT to target IT workers, irrespective of the sector. (Published on 8/6/2024, Malware Analysis). Read More

๐Ÿ”“ Attackers employ multiple techniques to bypass reputation-based security, like Windows Smart App Control, allowing access without alerts. (Published on 8/6/2024, Dark Reading). Read More

๐Ÿ“š A hacker breached Mobile Guardian, wiping data from 13,000 student devices worldwide. (Published on 8/6/2024, BleepingComputer). Read More

๐Ÿ“ก New Android spyware LianSpy uses Yandex Cloud for command-and-control, evading detection in Russia. (Published on 8/6/2024, The Hacker News). Read More

๐Ÿ” CrowdStrike’s analysis reveals a sensor expecting one less input field caused the largest global IT disruption in history. (Published on 8/6/2024, InformationWeek). Read More

๐Ÿ” Censys identified over 40,000 internet-exposed ICS devices in the US, often without a way to notify owners. (Published on 8/7/2024, SecurityWeek). Read More

๐Ÿ’ป Ransomware attacks are increasing in frequency and sophistication, with more data leaks, according to Rapid7โ€™s Ransomware Radar Report 2024. (Published on 8/7/2024, SecurityWeek). Read More

๐Ÿ“ง Roundcube webmail flaws could let hackers execute malicious JavaScript to steal emails and passwords. (Published on 8/7/2024, The Hacker News). Read More

๐Ÿ•ต๏ธ The Chameleon banking trojan resurfaces, disguised as a CRM app, targeting hospitality and B2C workers while evading Android 13 security measures. (Published on 8/7/2024, Dark Reading). Read More

๐Ÿ–ฅ๏ธ A Windows Update downgrade attack discovered by SafeBreach can “unpatch” fully-updated Windows systems, reintroducing old vulnerabilities. (Published on 8/7/2024, BleepingComputer). Read More

๐Ÿ”’ Microsoft warns of downgrade attacks that could expose Windows systems to old vulnerabilities, working on updates to mitigate the risks. (Published on 8/8/2024, The Hacker News). Read More

โš ๏ธ An 18-year-old flaw in Firefox and Chrome is being exploited, allowing attackers to bypass security and interact with local networks. (Published on 8/8/2024, BleepingComputer). Read More

๐Ÿšจ SaaS apps may present an abbreviated kill chain, making it easier for attackers to achieve their objectives, as revealed at Black Hat. (Published on 8/8/2024, Dark Reading). Read More

๐Ÿ›ก๏ธ LibreOffice releases a critical security update to fix a vulnerability allowing macros to execute without warning. Users urged to update. (Published on 8/8/2024, Malware Analysis). Read More

๐Ÿ  ADT, a major home security company, admits to a hack compromising customer information, including home addresses. (Published on 8/8/2024, Gizmodo). Read More

๐Ÿ”“ A $70 hack allowed access to a 512-bit RSA key, giving control over 200 MW of capacity in a home energy system. (Published on 8/9/2024, Ars Technica). Read More

๐Ÿ›ก๏ธ Malware has force-installed malicious Chrome extensions on 300,000+ browsers, hijacking homepages and stealing browsing history. (Published on 8/9/2024, BleepingComputer). Read More

๐ŸŒ Iranian cyber actors are ramping up efforts to influence the upcoming US election, Microsoft reports. (Published on 8/9/2024, SecurityWeek). Read More

๐Ÿ”ง Microsoft discloses four OpenVPN flaws that could be exploited for remote code execution and privilege escalation. (Published on 8/9/2024, The Hacker News). Read More

and finally in non-cyber or tech news…

๐Ÿ—๏ธ New evidence suggests Egyptians might have used hydraulic lifts to build the Pyramid of Djoser. (Published on 8/5/2024, Ars Technica). Read More

๐ŸŽฌ The director of Deadpool & Wolverine reveals a surprising Easter egg referencing the 1987 comedy classic with Steve Martin and John Candy. (Published on 8/5/2024, Gizmodo). Read More

๐Ÿš€ Speculation arises that two Boeing Starliner astronauts stuck on the ISS might need to return on a SpaceX Dragon, potentially staying for six months. (Published on 8/7/2024, Gizmodo). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.