week 52/2023

This is simply an attempt at building a weekly shortlist of cyber security highlights. My intention is – kind of – to pick stuff that I think everyone should know about, but there is no actual planning done towards my choices – it is what I think is significant, cool or fun.

Most of the articles are in English, but some current warnings might also be in German.

For All

🎧 Spotify music converter TuneFab puts users at risk https://securityaffairs.com/156659/security/spotify-music-converter-tunefab-data-leak.html

⬛ New Black Basta decryptor exploits ransomware flaw to recover files encrypted between November 2022 earlier this month https://www.databreaches.net/new-black-basta-decryptor-exploits-ransomware-flaw-to-recover-files-encrypted-between-november-2022-earlier-this-month/

Games

🎮 Game mod on Steam breached to push password-stealing malware https://www.bleepingcomputer.com/news/security/game-mod-on-steam-breached-to-push-password-stealing-malware/

🎮 GTA 5 source code reportedly leaked online a year after RockStar hack https://www.bleepingcomputer.com/news/security/gta-5-source-code-reportedly-leaked-online-a-year-after-rockstar-hack/

Health

💊 Australia: St Vincent’s unable to confirm if medical records stolen (Comment: No Logs –> no visibility –> no clue) https://www.databreaches.net/au-st-vincents-unable-to-confirm-if-medical-records-stolen/

🏥 Lockbit ransomware disrupts emergency care at German hospitals https://www.bleepingcomputer.com/news/security/lockbit-ransomware-disrupts-emergency-care-at-german-hospitals/

🏥 Hospitals ask courts to force cloud storage firm to return stolen data https://www.bleepingcomputer.com/news/security/hospitals-ask-courts-to-force-cloud-storage-firm-to-return-stolen-data/

more, For the Curious

🚨 SSH ProxyCommand Unexpected Code Execution Vulnerability (CVE-2023-51385) https://threatprotect.qualys.com/2023/12/26/ssh-proxycommand-unexpected-code-execution-vulnerability-cve-2023-51385/

🐍 New Version of Meduza Stealer Released in Dark Web https://securityaffairs.com/156598/malware/meduza-stealer-released-dark-web.html

🍎 Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature https://thehackernews.com/2023/12/most-sophisticated-iphone-hack-ever.html

📧 SMTP Smuggling (a little older, but popped up because of #37c3) https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/

(by @wrzlbrmpft@infosec.exchange) Obviously, the opinions in these articles are not my own. No guarantee of correctness or completeness in any way.
