Infosec bits for 2024 week 4
Sicelo Ncekana | Jan. 26, 2024, 2:43 p.m.
Cybersecurity news:
Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs [Newsroom, The hacker news]
Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive - SecurityWeek [Eduard Kovacs, Security Week]
SEC Twitter hack blamed on SIM swap attack [Graham CLULEY, Bitdefender]
Watering Hole Attacks Push ScanBox Keylogger [Nate Nelson, Threatpost]
AI expected to increase volume, impact of cyberattacks [Helga Labus,, Help Net Security]
Pure Malware Tools Pose As Legitimate Software to Bypass AV Detections [Balaji, GBHackers on Security]
Vulnerabilities & Patches:
Hackers Abusing LSASS Process Memory To Exfiltrate Login Credentials [Guru Baran, GBHackers on Security]
Patched Apache ActiveMQ bug abused to drop Godzilla web shells [Shweta Sharma, CSO Online]
Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems [Newsroom, The hacker news]
Hacks & Breaches:
26 Billion Records Released in “The mother of all breaches” [Jasdev Dhaliwal, McAfee]
Student Loan Breach Exposes 2.5M Records [Nate Nelson, Threatpost]