Infosec bits for 2024 week 37

Kgwadi Matenche | Sept. 13, 2024, 3:38 p.m.

Cybersecurity News:

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software [Bill Toulas, Bleeping Computer]

Hackers have sights set on four Microsoft vulnerabilities, CISA warns [Jonathan Greig, Recorded Future News]

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking [Ravie Lakshmanan, The Hacker News]

Vulnerabilities & Patches:

Adobe fixes Acrobat Reader zero-day with public PoC exploit [Lawrence Abrams, Bleeping Computer]

Palo Alto Networks Patches Dozens of Vulnerabilities [Eduard Kovacs, SecurityWeek]

GitLab warns of critical pipeline execution vulnerability [Bill Toulas, Bleeping Computer]

Chrome 128 Update Resolves High-Severity Vulnerabilities [Ionut Arghire, SecurityWeek]

Emergency Fix Issued for 10/10 Severity Vulnerability in LoadMaster Products [Waqas, Hackread]

Breaches & Leaks:

Fortinet Confirms Limited Data Breach After Hacker Leaks 440 GB of Data [Waqas, Hackread]

Highline Public Schools school district suspended its activities following a cyberattack[Pierluigi Paganini, Security Affairs]

Cyber-Attack on Payment Gateway Exposes 1.7 Million Credit Card Details [James Coker, Infosecurity Magazine]

Others:

Fake password manager coding test used to hack Python developers [Bill Toulas, Bleeping Computer]