Infosec bits for 2024 week 26
Sicelo Ncekana | June 30, 2024, 1:06 a.m.
Cybersecurity News:
Temu app considered malicious malware in new US lawsuit [Updated] (bizcommunity.com) [Lindsey Schutters, Bizz Community]
Fake software fixes fuel money-stealing malware threat | Fox News [Kurt Knutsson, Fox News]
Ransomware disrupts South Africa’s national health lab [SC Media, SC Media]
Vulnerabilities & Patches:
GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others [Newsroom, The Hacker News]
Skybox Security Report Reveals Key Vulnerability Trends Over Past Year [Anuj Mudaliar, Spiceworks]
Massive authentication vulnerability risks compromising much of the internet [Matt Binder, MSN]
Malware:
Snowblind malware abuses Android security feature to bypass security [Bill Toulas, Bleeping Computer]
Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads [Newsroom, The Hacker News]
Poseidon malware menaces Mac users via GoogleAds [Shaun Nichols, SC Media]
Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations [Newsroom, The Hacker News]
New Medusa malware variants target Android users in seven countries [Bill Toulas, Bleeping Computer]
Breaches & Leaks:
Hacker Claims Indonesia Civil Aviation Data Breach (thecyberexpress.com) [Krishna Murthy, The Cyber xpress]
TeamViewer's corporate network was breached in alleged APT hack (bleepingcomputer.com) [Lawrence Abrams, Bleeping Computer]
Massive data breach exposes over 3 million Americans' personal information to cybercriminals | Fox News [Kurt Knutsson, Fox News]
Levi’s Data Breach: 72,000+ Customers’ Data Exposed [Dhivya, Cyber Security News]