Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 8 November 2024

Jorge Laurel ยท ยท3 min read ยทIssue #50


It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


Cybersecurity Threats and Exploits

A roundup of recent cybersecurity incidents and newly discovered vulnerabilities impacting various platforms and users worldwide.

๐Ÿšจ DocuSignโ€™s Envelopes API is being exploited to send fake invoices, mimicking brands like Norton and PayPal. (Published on 11/4/2024, BleepingComputer). Read More

๐Ÿ” Googleโ€™s AI tool, Big Sleep, uncovers a zero-day vulnerability in the SQLite database engine, marking a first in AI-assisted vulnerability discovery. (Published on 11/4/2024, The Hacker News). Read More

๐Ÿ” Okta patches a 52-character username bug that posed an authentication bypass risk after a three-month delay. (Published on 11/4/2024, Dark Reading). Read More

๐Ÿ›  Cisco addresses a critical flaw allowing root command execution on Ultra-Reliable Wireless Backhaul access points, used in industrial settings. (Published on 11/6/2024, BleepingComputer). Read More

๐Ÿค– The Androxgh0st botnet has integrated with Mozi, intensifying attacks on IoT vulnerabilities. (Published on 11/7/2024, HackRead). Read More

๐Ÿ›‘ SteelFox malware infects 11,000 devices with a miner and data stealer, complicating detection and prevention efforts. (Published on 11/7/2024, Dark Reading). Read More

Global law enforcement efforts intensify as agencies crack down on cybercrime networks and respond to tech-related legal breaches.

๐Ÿ‘ฎ Canadian authorities have arrested the suspect behind multiple Snowflake account hacks from earlier this year. (Published on 11/5/2024, SecurityWeek). Read More

๐ŸŒ In a global cybercrime crackdown, over 22,000 malicious IPs linked to phishing, infostealers, and ransomware have been dismantled. (Published on 11/6/2024, SecurityWeek). Read More

Data Privacy and Regulatory Actions

Privacy concerns arise as companies face fines and regulatory actions for misusing data and breaching user trust.

๐Ÿ’ฐ Meta faces a $15.67 million fine from South Korea for illegally collecting and sharing sensitive user data with advertisers without consent. (Published on 11/5/2024, The Hacker News). Read More

๐Ÿ“ข The FBI issues a warning about hackers impersonating police in fraudulent data requests to access private information from tech companies. (Published on 11/8/2024, TechCrunch). Read More

Malware and Emerging Threats

New malware strains and hacking techniques reveal the persistence and evolution of digital threats, particularly targeting personal and financial data.

๐Ÿง CRON#TRAP malware targets Linux systems, establishing backdoors through phishing in emulated environments. (Published on 11/5/2024, HackRead). Read More

๐Ÿ“ฑ SpyAgent malware on Android targets cryptocurrency users by stealing screenshots of sensitive data like recovery phrases. (Published on 11/8/2024, Security Intelligence). Read More

Security and Technology Insights

Significant technological issues and unexpected behaviors in devices prompt analysis and responses from tech companies.

๐Ÿ“ฑ In an unusual development, seized iPhones are rebooting automatically, sparking speculation over a potential new security feature in iOS 18. (Published on 11/8/2024, Gizmodo). Read More

๐Ÿ”“ Nokia clarifies that leaked source code on a hacker forum belongs to a third-party app, confirming no impact on company or customer data. (Published on 11/7/2024, BleepingComputer). Read More

๐Ÿ” IBMโ€™s Security Verify Access exposed 36 vulnerabilities that could compromise authentication infrastructures if exploited. (Published on 11/5/2024, SecurityWeek). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!