Infosec bits for 2024 week 36

Maajied Moos | Sept. 9, 2024, 7:56 a.m.

Cybersecurity News:

Ransomware crisis deepens as attacks and payouts rise [Helpnet Security, Helpnet Security]

Admins of MFA bypass service plead guilty to fraud [Bill Toulas, Bleeping Computer]

Why Incident Response Planning is Critical for Cybersecurity Resilience [Uzair Amir, Hack Read]

Improved Software Supply Chain Resilience Equals Increased Security [Josh Lemos, Dark Reading]

Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers [Stephen Pritchard, Info Security]

Vulnerabilities & Patches:

Critical Flaws in Progress Software WhatsUp Gold Expose Systems to Full Compromise [Ionut Arghire, Security Week]

Researchers find SQL injection to bypass airport TSA security checks [Sergiu Gatlan, Bleeping Computer]

Chrome 128 Updates Patch High-Severity Vulnerabilities [Ionut Arghire, Security Week]

D-Link says it is not fixing four RCE flaws in DIR-846W routers [Bill Toulas, Bleeping Computer]

VMWare releases Fusion vulnerability with 8.8 rating [Christian Vasquez, Cyberscoop]

Cisco warns of backdoor admin account in Smart Licensing Utility [Sergiu Gatlan, Bleeping Computer]

Malware:

Year-Long Malware Campaign Exploits NPM to Attack Roblox Developers [Waqas, Hackread]

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence [Abdelrahman Esmail and Sunil Bharti, Trend Micro]

GitHub comments abused to push password stealing malware masked as fixes [Lawrence Abrams, Bleeping Computer]

A deep dive into the most interesting incident response cases of last year [Eduardo Ovalle, Ahmad Zaidi Said and AbdulRhman Alfaifi, Secure List]

Researchers Find Over 22,000 Removed PyPI Packages at Risk of Revival Hijack [Ravie Lakshmanan, The Hacker News]

Breaches & Leaks:

Hackers inject malicious JS in Cisco store to steal credit cards, credentials [Ionut Ilascu, Bleeping Computer]

Microchip Technology confirms data was stolen in cyberattack [Sergiu Gatlan, Bleeping Computer]