cyberlights – week 10/2024

A weekly shortlist of cyber security highlights. While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

Highlights ✖️ The new X calling feature can hurt your privacy ⚠️ IP address X-posure now a feature on Musk's social media thing

🧠 Additional Critical Security Issues Affecting TeamCity On-Premises (CVE-2024-27198 and CVE-2024-27199) – Update to 2023.11.4 Now JetBrains TeamCity

For All

🐄 Content farm impersonates 60+ major news outlets, like BBC, CNN, CNBC

🐕 PetSmart warns of credential stuffing attacks trying to hack accounts Smart reaction!

🦁 Predator spyware infrastructure taken down after exposure

🎠 Pegasus spyware creator ordered to reveal code used to spy on WhatsApp users

📳 Surveillance through Push Notifications

🫨 Meta Abandons Hacking Victims, Draining Law Enforcement Resources, Officials Say

🍎 About the security content of iOS 17.4 and iPadOS 17.4

🖥️ VMware Releases Security Advisory for Multiple Products

❄️ Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

Change Healthcare/Alphv Corner Choose your source – this is the big one at the moment 🐈‍⬛ Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment ❤️‍🩹 BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare ↘️ BlackCat ransomware shuts down in exit scam, blames the “feds” 🥷 Ransomware group behind Change Healthcare attack goes dark 🏟️ After collecting $22 million, AlphV ransomware group stages FBI takedown

more, For the Curious

🪲 Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices

🗨️ Stealthy GTPDOOR Linux malware targets mobile operator networks I missed this one last week

⌛ Hackers exploited Windows 0-day for 6 months after Microsoft knew of it

🧢 Living off the land with native SSH and split tunnelling

♣️ Delving into Dalvik: A Look Into DEX Files

🦅 CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices

👐 CISA Announces New Efforts to Help Secure Open Source Ecosystem

🐚 Does Confluence Dream of Shells?

🧲 Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities

📚 LEARNING LESSONS FROM THE CYBER-ATTACK “overview of the cyber-attack on the British Library that took place in October 2023” – 18 Pages worth the read

(by Obviously, the opinions inside these articles are not my own. No guarantee for correct- or completeness in any way.