Infosec bits for 2024 week 27

Heloise Meyer | July 5, 2024, 5:04 p.m.

Cybersecurity News:

Organizations use outdated approaches to secure APIs [Help Net Security, Help Net Security]

The Hidden Danger of PDF Files with Embedded QR Codes [Security News, SonicWall]

AI in the workplace: The good, the bad, and the algorithmic [Imogen Byers, We Live Security]

Friend or Foe? AI's Complicated Role in Cybersecurity [Dilip Bachwani, Dark Reading]

Vulnerabilities & Patches:

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems [Newsroom, The Hacker News]

Juniper releases out-of-cycle fix for max severity auth bypass flaw [Bill Toulas, BleepingComputer]

Hackers Exploiting HTTP File Server Remote Code Execution Vulnerability in Wild [Dhivya, Cyber Security News]

Cisco warns of NX-OS zero-day exploited to deploy custom malware [Sergiu Gatlan, BleepingComputer]

Cyber Attacks & Breaches:

Ethereum mailing list breach exposes 35,000 to crypto draining attack [Bill Toulas, BleepingComputer]

WordPress Plugins at Risk From Polyfill Library Compromise [Alessandro Mascellino, Infosecurity Magazine]

OVHcloud blames record-breaking DDoS attack on MikroTik botnet [Bill Toulas, BleepingComputer]

New ransomware group uses phone calls to pressure victims, researchers say [Daryna Antoniuk, The Record]

Fake IT support sites push malicious PowerShell scripts as Windows fixes [Lawrence Abrams, BleepingComputer]

Malware:

GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks [Newsroom, The Hacker News]

Tooling:

Secator: Open-source pentesting Swiss army knife [Help Net Security, Help Net Security]