📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #40/2023 is out! It includes the following and much more:
🇺🇸 🗳️ D.C. Board of #Elections confirms voter data stolen in site hack
🔓 🪪 #MGM Resorts confirms hackers stole customers’ personal data during #cyberattack
🔓 🧬 #DNA testing service 23andMe investigating theft of user data
🔓 🎧 #Sony confirms #databreach impacting thousands in the U.S.
📱 💥 Lyca Mobile Group Services Significantly Disrupted by Cyberattack
🔓 🕵🏻♂️ #NATO investigating breach, #leak of internal documents
🔓 🇪🇺 European Telecommunications Standards Institute Discloses Data Breach
🔓 🏨 #MotelOne discloses data breach following #ransomware attack
🇰🇵 💰 North Korea's #Lazarus Group Launders $900 Million in #Cryptocurrency
🇧🇪 🇨🇳 #Alibaba accused of ‘possible espionage’ at European hub
🇨🇳 #China-linked cyberspies #backdoor #semiconductor firms with #CobaltStrike
🥸 Meet LostTrust #ransomware — A likely rebrand of the #MetaEncryptor gang
🇬🇾 🇨🇳 #Guyana Governmental Entity Hit by #DinodasRAT in #CyberEspionage Attack
🇷🇺 🇺🇸 #FBI most-wanted Russian hacker reveals why he burned his passport
🇺🇸 🏥 #FDA cyber mandates for #medicaldevices goes into effect
☁️ 🔓 Number of Internet-Exposed #ICS Drops Below 100,000
☁️ #Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via #SQL Server Instance
🦠 📈 #QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks
🔓 🍏 #Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day
🎣 🧑🏻💼 US Executives Targeted in #Phishing Attacks Exploiting Flaw in Indeed Job Platform
🦠 🏦 #Zanubis #Android Banking Trojan Poses as Peruvian Government App to Target Users
🦠 🇮🇷 Iranian APT Group #OilRig Using New Menorah #Malware for Covert Operations
🔐 ☁️ #Amazon to make #MFA mandatory for 'root' #AWS accounts by mid-2024
🛡️ 🧅 #Microsoft Defender no longer flags #Tor Browser as malware
👀 X-Force uncovers global #NetScaler Gateway credential harvesting campaign
🐛 💰 Zero-days for hacking #WhatsApp are now worth millions of dollars
🩹 #Cisco fixes hard-coded root credentials in Emergency Responder
🔓 Vulnerabilities in #Supermicro BMCs could allow for unkillable server #rootkits
🔓 🐧 Looney Tunables: New #Linux Flaw Enables Privilege Escalation on Major Distributions
🐍 Warning: #PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
🩹 Microsoft Edge, Teams get fixes for zero-days in #opensource libraries
🔓 🔥 Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw
☁️ Cloudflare #DDoS protections ironically bypassed using #Cloudflare
📚 This week's recommended reading is: "8 Steps to Better Security: A Simple Cyber Resilience Guide for Business" by Kim Crawley
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-402023