1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2024 week 13

Kgwadi Matenche | March 28, 2024, 2:40 p.m.

Cybersecurity News:

  • Google fixes Chrome zero-days exploited at Pwn2Own 2024 [Sergiu Gatlan, Bleeping Computer]
  • InfoReg slaps TransUnion with enforcement notice [Simnikiwe Mzekandaba, ITWeb]
  • Darcula' Phishing-as-a-Service Operation Bleeds Victims Worldwide [John Leyden, Dark Reading]
  • Hackers poison source code from largest Discord bot platform [Bill Toulas, Bleeping Computer]

    • Vulnerabilities & Patches:

  • 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns [Zeljka Zorz, Help Net Security]

    • Breaches & Leaks:

  • INC Ransom threatens to leak 3TB of NHS Scotland stolen data [Bill Toulas, Bleeping Computer]
  • South African packaging giant hit by data breach [Staff Writer, MyBroadband]
  • Municipalities in Texas, Georgia see services disrupted following ransomware attacks [Jonathan Greig, Recorded Future News]

    • Others:

  • Recent ‘MFA Bombing’ Attacks Targeting Apple Users [Brian Krebs, Krebs on Security]
  • Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions [Newsroom, The Hacker News]

    • Contact Us:

    csirt {at} sanren.ac.za

    CSIRT:

    0x898215F56081EBEB

    Heloise:

    0xD367253D12C5BBBC

    Kgwadi:

    0xDD7E5C2E539972EB

    Sicelo:

    0x2346D2ACE7F536B6

    Maajied:

    0xEE9BE86AD16D89C2