1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2024 week 2

Heloise Meyer | Jan. 11, 2024, 11 a.m.

Cybersecurity news:

  • Insider cyber threats hamper SA firms [Simnikiwe Mzekandaba, ITweb]
  • Social engineer reveals effective tricks for real-world intrusions [Mirko Zorz, Help Net Security]
  • There is a Ransomware Armageddon Coming for Us All [The Hacker News, The Hacker News]
  • If you prepare, a data security incident will not cause an existential crisis [Dan Alam, Help Net Security]
  • Vulnerabilities & Patches:

  • Nearly 11 million SSH servers vulnerable to new Terrapin attacks [Bill Toulas, Bleeping Computer]
  • Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability [Newsroom, The Hacker News]
  • Google Patches Six Vulnerabilities With First Chrome Update of 2024 [Ionut Arghire, Security Week]
  • Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities [Newsroom, The Hacker News]
  • Malware:

  • Linux devices are under attack by a never-before-seen worm [Dan Goodin, Ars Technica]
  • Details of a new, novel advanced malware attack using Microsoft Office [X-Labs Researcher, Forcepoint]
  • Hacks & Breaches:

  • China claims it cracked Apple's AirDrop to find numbers, email addresses [Lawrence Abrams, Bleeping Computer]
  • Entire population of Brazil possibly exposed in massive data leak [Paulina Okunytė, Cybernews]
  • Framework discloses data breach after accountant gets phished [Sergiu Gatlan, Bleeping Computer]