Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 23 Aug 2024

Jorge Laurel Β· Β·4 min read Β·Issue #40

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


Cybersecurity Breaches and Vulnerabilities

πŸ”’ FlightAware alerts users to reset passwords following a data security incident that may have exposed personal information. (Published on 8/19/2024, Bleeping Computer). Read More

πŸ“± Google Pixel phones found with a Verizon app that serves as a potential backdoor for attackers. (Published on 8/19/2024, Dark Reading). Read More

πŸ—„οΈ A massive data breach has been confirmed in the National Public Data, underscoring the need for stronger data protection measures. (Published on 8/19/2024, Dark Reading). Read More

πŸ–₯️ Bugs in Microsoft apps for macOS could allow attackers to take control of cameras, microphones, and screen recordings. (Published on 8/19/2024, Malware News). Read More

πŸ’» Banshee Stealer malware targets macOS systems, stealing data from browser extensions and iCloud Keychain. (Published on 8/19/2024, Malware News). Read More

πŸ”‘ Critical vulnerability in the GiveWP WordPress plugin exposed 100,000 sites to potential takeover. (Published on 8/20/2024, SecurityWeek). Read More

πŸ”“ Major backdoor in millions of RFID cards enables instant cloning of smart cards used in offices and hotels. (Published on 8/20/2024, SecurityWeek). Read More

πŸšͺ IRGC-linked hackers utilize a monolithic Trojan to consolidate malware backdoor operations. (Published on 8/20/2024, Dark Reading). Read More

🚨 August Windows updates cause dual-boot issues on Linux systems with Secure Boot enabled. (Published on 8/20/2024, BleepingComputer). Read More

πŸ”’ Hackers lock Unicoin staff out of Google accounts for four days by compromising their Workspace account. (Published on 8/20/2024, BleepingComputer). Read More

New Threats and Exploits

🦠 New MoonPeak Trojan deployed by North Korean hackers in an ongoing cyber campaign. (Published on 8/21/2024, The Hacker News). Read More

🐞 New macOS malware ‘TodoSwift’ linked to North Korean hacking groups poses a fresh threat. (Published on 8/21/2024, The Hacker News). Read More

πŸ”’ Google fixes a high-severity Chrome flaw actively exploited in the wild, preventing further attacks. (Published on 8/21/2024, The Hacker News). Read More

πŸ” Hardcoded credential vulnerability found in SolarWinds Web Help Desk software prompts urgent patch. (Published on 8/22/2024, The Hacker News). Read More

Industry News and Reports

πŸ›‘οΈ NSA issues new guidelines for improving logging and threat detection to combat living-off-the-land attacks. (Published on 8/22/2024, Dark Reading). Read More

πŸ› οΈ Phrack hacker zine releases a new edition after a three-year hiatus, featuring latest insights and hacking techniques. (Published on 8/21/2024, BleepingComputer). Read More

⚠️ Critical Jenkins RCE bug remains under active exploitation due to delayed patching efforts. (Published on 8/21/2024, Dark Reading). Read More

πŸ” FBI Director warns of elevated threats ranging from cybercrime to terrorism, calling for increased cooperation with the private sector. (Published on 8/23/2024, SecurityWeek). Read More

Recent Cyberattacks and Incidents

🏭 Microchip Technology discloses a cyberattack impacting some of its manufacturing facilities. (Published on 8/21/2024, SecurityWeek). Read More

πŸ›‘οΈ Halliburton confirms a cyberattack that led to a temporary shutdown of its systems. (Published on 8/23/2024, BleepingComputer). Read More

Unusual Cybercrime Stories

πŸ‘€ A hacker tried to fake his death by hacking state registries to avoid child support obligations. (Published on 8/23/2024, SecurityWeek). Read More

πŸ”’ New Qilin ransomware attack involves VPN credential theft and Chrome data exfiltration, marking a novel attack vector. (Published on 8/23/2024, The Hacker News). Read More

πŸ›‘οΈ Greasy Opal’s CAPTCHA solver continues to fuel cybercrime after 16 years, providing tools to bypass account security solutions. (Published on 8/23/2024, BleepingComputer). Read More

and finally in non-cyber or tech news…

Entertainment News

πŸ§™β€β™‚οΈ Rings of Power introduces CiarΓ‘n Hinds as a new, mysterious Dark Wizard in season 2, raising questions about his true identity. (Published on 8/23/2024, Gizmodo). Read More

🌌 Lucasfilm’s decision to move away from The Acolyte could signal a new direction for the future of Star Wars. (Published on 8/20/2024, Gizmodo). Read More

Science and Health

🧬 New research sheds light on how fasting impacts gut health, revealing its complex biological effects. (Published on 8/22/2024, Gizmodo). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.