1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2024 week 39

Sicelo Ncekana | Sept. 27, 2024, 3:26 p.m.

Cybersecurity News:

  • Criminals go after South African retirement savings using AI [Shaun Jacobs, Daily Investor]
  • Is cybersecurity broken? [Sammy Gecsoyler and Nadeem Badshah, The Guardian]
  • The evolution of cybersecurity in the construction industry [Creamer Media Reporter, Engineering News]
  • MoneyGram goes offline as it investigates cybersecurity problem [Kate Gibson, CBS News]
  • Is cybersecurity broken? [George Herald, George Herald]

    • Vulnerabilities & Patches:

  • Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page [Tushar Subhra Dutta, Cyber Security News]
  • Securing SMBs through patching and continuous vulnerability management [CyberStack, Tech Central]
  • Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers [Ravie Lakshmanan, The Hacker News]
  • Critical bug found in Kia’s portal could be used to locate, hack millions of cars: Report [The Hindu Bureau, The Hindu Bureau]
  • VLC Media Player Update Needed: CVE-2024-46461 Discovered [Do Son, Security Online]
  • Critical Unauthenticated RCE Flaw Impacts all GNU/Linux systems [Dhivya, Cyber Security News]

    • Malware:

  • New RomCom malware variant 'SnipBot' spotted in data theft attacks [Bill Toulas, Bleeping Computer]
  • New threats to Chrome's security: Infostealer malware breaches defenses [Priya Ahluwalia, Android Headlines]
  • Octo2 Android malware: A new threat spreading across Europe [iZOOlogic, iZOOlogic]
  • watering hole campaign against Kurdish websites [Sekoia TDR, Felix Aimé and Maxime A, Sekoia Blog]
  • Critical WhatsUp Gold Vulnerabilities Demand Immediate Action [Do Son, Security Online]
  • Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware [Ravie Lakshmanan, The Hacker News]

    • Breaches & Leaks:

  • Meta fined $101.5M for 2019 breach that exposed hundreds of millions of Facebook passwords [Natasha Lomas, TC]
  • Telegram Hackers Expose Millions Through Health Data Breach [Evrim Ağacı, THE PINNACLE GAZETTE]
  • Hackers Claim Second Dell Data Breach in One Week [Waqas, Hack Read]

    • Contact Us:

    csirt {at} sanren.ac.za

    CSIRT:

    0x898215F56081EBEB

    Heloise:

    0xD367253D12C5BBBC

    Kgwadi:

    0xDD7E5C2E539972EB

    Sicelo:

    0x2346D2ACE7F536B6

    Maajied:

    0xEE9BE86AD16D89C2