Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 20 December 2024

Jorge Laurel Β· Β·3 min read Β·Issue #55


It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


Cybersecurity Threats and Attacks

Staying informed about the latest cybersecurity threats and data breaches is essential for businesses and individuals alike.

  • πŸ›‘ Malicious ads spread Lumma Stealer via fake CAPTCHA pages, tricking users into running PowerShell commands. (Published on 12/16/2024, BleepingComputer). Read More

  • 🐘 Glutton malware exploits popular PHP frameworks like Laravel and ThinkPHP, targeting multiple countries. (Published on 12/16/2024, The Hacker News). Read More

  • πŸ“ž Microsoft Teams vishing spreads DarkGate RAT, leveraging new delivery methods like instant messaging hijacking. (Published on 12/16/2024, Dark Reading). Read More

  • 🚨 Hackers leak partial Cisco data from 4.5TB of exposed records. Another troubling breach for the tech giant. (Published on 12/17/2024, Hackread). Read More

  • πŸš” BeyondTrust confirms hackers breached its Remote Support SaaS instances in a December attack. (Published on 12/19/2024, BleepingComputer). Read More

  • βš™οΈ UAC-0125 uses Cloudflare Workers to distribute malware disguised as Ukraine’s Army+ app. (Published on 12/19/2024, The Hacker News). Read More


Understanding recent cybercrimes and legal repercussions helps to stay vigilant.

  • βš–οΈ Man sentenced to 69 months for SQL injection hacking but released due to pretrial detention since 2019. (Published on 12/17/2024, SecurityWeek). Read More

  • πŸ’° Hackers demand ransom after breaching Rhode Island’s health system, exposing residents’ sensitive data. (Published on 12/17/2024, Hackread). Read More

  • 🍩 Krispy Kreme targeted by Play ransomware gang, disrupting operations in November. (Published on 12/20/2024, BleepingComputer). Read More


National Security and Policy

Key updates on government actions and their implications for cybersecurity.

  • πŸ‡ΊπŸ‡Έ The U.S. considers banning TP-Link routers over potential cybersecurity risks linked to national security. (Published on 12/18/2024, BleepingComputer). Read More

  • 🌌 Midnight Blizzard uses phishing and rogue RDP servers in attacks, complicating detection. (Published on 12/18/2024, Dark Reading). Read More


Cyber Awareness and Advocacy

Raising awareness about evolving scams and preventive measures.

  • πŸ’” INTERPOL advocates replacing “pig butchering” with “romance baiting” to describe online cryptocurrency scams. (Published on 12/18/2024, The Hacker News). Read More

  • πŸ“„ Mobile phishing campaigns target executives with fake DocuSign links in sophisticated attacks. (Published on 12/19/2024, Hackread). Read More


Industry Actions Against Cybercrime

Collaborative efforts in tackling cybercrime show progress.

  • πŸ“Ί ACE shuts down a massive sports piracy network with over 812M visits per year. (Published on 12/20/2024, BleepingComputer). Read More

Noteworthy Threat Actors

Insights into advanced persistent threat groups targeting critical industries.

  • πŸ”¬ North Korea’s Lazarus Group targets nuclear engineers with CookiePlus malware in sophisticated attacks. (Published on 12/20/2024, The Hacker News). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!