Infosec bits for 2024 week 18

Heloise Meyer | May 3, 2024, 2:03 p.m.

Cybersecurity News:

South African firms paid ransomware attackers an average of R17.9 million [Daniel Puchert, MyBroadband]

Shadow APIs: An Overlooked Cyber-Risk for Orgs [Jai Vijayan, Dark Reading]

AI-driven phishing attacks deceive even the most aware users [Help Net Security, Help Net Security]

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 [Newsroom, The Hacker News]

Data Breaches & Leaks:

Panda Restaurants discloses data breach after corporate systems hack [Sergiu Gatlan, Bleeping Computer]

Dropbox says hacker accessed passwords, authentication info during breach [Jonathan Greig, The Record]

Malware:

Millions of Malicious Containers Found on Docker Hub [Alessandro Mascellino, Infosecurity Magazine]

Cuttlefish malware targets enterprise-grade SOHO routers [Pierluigi Paganini, SecurityAffairs]

Vulnerabilities & Patches:

New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw [Newsroom, The Hacker News]

HPE Aruba Networking fixes four critical RCE flaws in ArubaOS [Bill Toulas, Bleeping Computer]

Billions of Android Devices Open to 'Dirty Stream' Attack [Jai Vijayan, Dark Reading]

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability [Newsroom, The Hacker News]

When is One Vulnerability Scanner Not Enough? [The Hacker News, The Hacker News]