week 09/2024
An attempt at creating a weekly shortlist of cyber security highlights. My intention is to pick news that everyone should know about. It is what I think is significant, cool or fun.
Most of the articles are in English, but some current warnings might be in German.
For All
🗨️ Webinar: How do I protect myself from identity theft? https://www.watchlist-internet.at/news/webinar-wie-schuetze-ich-mich-vor-identitaetsdiebstahl/
🍼 Nevada sues to deny kids access to Meta's Messenger encryption https://www.theregister.com/2024/02/26/nevada_meta_encryption/
🖨️ Someone is hacking 3D printers to warn owners of a security flaw https://www.bitdefender.com/blog/hotforsecurity/someone-is-hacking-3d-printers-to-warn-owners-of-a-security-flaw/
📚 AI-generated articles prompt Wikipedia to downgrade CNET’s reliability rating https://arstechnica.com/information-technology/2024/02/wikipedia-downgrades-cnets-reliability-rating-after-ai-generated-articles/
📅 Calendar Meeting Links Used to Spread Mac Malware https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/
🤗 Hugging Face, the GitHub of AI, hosted code that backdoored user devices https://arstechnica.com/security/2024/03/hugging-face-the-github-of-ai-hosted-code-that-backdoored-user-devices/
⚠️ Hacker group demands bitcoins: extortion e-mails include home address as leverage https://www.watchlist-internet.at/news/hacker-gruppe-fordert-bitcoins-erpresserische-e-mails-enthalten-wohnadresse-als-druckmittel/
👣 Act now to stop WordPress and Tumblr selling your content to AI firms https://grahamcluley.com/act-now-to-stop-wordpress-and-tumblr-selling-your-content-to-ai-firms/
🛫 Booking.com refund request? It might be an Agent Tesla malware attack https://grahamcluley.com/booking-com-refund-request-it-might-be-an-agent-tesla-malware-attack/
🚗 Steel giant ThyssenKrupp confirms cyberattack on automotive division https://www.bleepingcomputer.com/news/security/steel-giant-thyssenkrupp-confirms-cyberattack-on-automotive-division/
🔍 Russia wants to automatically monitor millions of accounts on social networks https://netzpolitik.org/2024/kreml-leaks-russland-will-millionen-accounts-in-sozialen-netzwerken-automatisch-ueberwachen/
🌏 Biden executive order seeks to cut China off from Americans’ sensitive data https://cyberscoop.com/data-broker-executive-order-china/
⛓️ Husqvarna ports Doom to a robot lawnmower – not, thankfully, its chainsaws https://go.theregister.com/feed/www.theregister.com/2024/02/28/husqvarna_doom_robomower_port/
🎪 Police seized Crimemarket, the largest German-speaking cybercrime marketplace https://securityaffairs.com/159813/cyber-crime/germany-police-seized-crimemarket.html
For the Curious
🗨️ Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities (some more I-Soon) https://securityaffairs.com/159595/hacking/i-soon-chinese-firm-data-leak.html
🧑‍🏫 CISA cautions against using hacked Ivanti VPN gateways even after factory resets https://www.bleepingcomputer.com/news/security/cisa-cautions-against-using-hacked-ivanti-vpn-gateways-even-after-factory-resets/
🖼️ NIST Cybersecurity Framework 2.0 https://www.nist.gov/cyberframework
🎖️ Advanced Web Penetration Testing Certification: HTB is starting to certify your skill now https://academy.hackthebox.com/preview/certifications/htb-certified-web-exploitation-expert
🏭 Cybercrims: When we hit IT, they sometimes pay, but when we hit OT... jackpot https://www.theregister.com/2024/02/27/manufacturing_sector_malware/
🍷 European diplomats targeted by SPIKEDWINE with WINELOADER https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
🐲 BEAST AI needs just a minute of GPU time to make an LLM fly off the rails https://www.theregister.com/2024/02/28/beast_llm_adversarial_prompt_injection_attack/
📦 GitHub besieged by millions of malicious repositories in ongoing attack https://arstechnica.com/security/2024/02/github-besieged-by-millions-of-malicious-repositories-in-ongoing-attack/
🦟 The Art of Domain Deception: Bifrost's New Tactic to Deceive Users https://unit42.paloaltonetworks.com/new-linux-variant-bifrost-malware/
🚪 Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways (CISA and Partners) https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
🕵️ Predator spyware endures even after widespread exposure, analysis shows https://cyberscoop.com/predator-spyware-endures-after-exposure/
LockBit takedown Corner – again
🔨 FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga. He even talked to gang leader “lockbitsup” https://krebsonsecurity.com/2024/02/fbis-lockbit-takedown-postponed-a-ticking-time-bomb-in-fulton-county-ga/
🆙 Is the LockBit gang resuming its operation? Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks,... https://securityaffairs.com/159757/cyber-crime/lockbit-gang-resuming-operation.html
🃏 Fulton County, Security Experts Call LockBit’s Bluff https://krebsonsecurity.com/2024/02/fulton-county-security-experts-call-lockbits-bluff/
(by @wrzlbrmpft@infosec.exchange) Obviously, the opinions inside these articles are not my own. No guarantee of correctness or completeness in any way.