1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2024 week 4

Sicelo Ncekana | Jan. 26, 2024, 2:43 p.m.

Cybersecurity news:

  • Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs [Newsroom, The hacker news]
  • Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive - SecurityWeek [Eduard Kovacs, Security Week]
  • SEC Twitter hack blamed on SIM swap attack [Graham CLULEY, Bitdefender]
  • Watering Hole Attacks Push ScanBox Keylogger [Nate Nelson, Threatpost]
  • AI expected to increase volume, impact of cyberattacks [Helga Labus,, Help Net Security]
  • Pure Malware Tools Pose As Legitimate Software to Bypass AV Detections [Balaji, GBHackers on Security]

    • Vulnerabilities & Patches:

  • Hackers Abusing LSASS Process Memory To Exfiltrate Login Credentials [Guru Baran, GBHackers on Security]
  • Patched Apache ActiveMQ bug abused to drop Godzilla web shells [Shweta Sharma, CSO Online]
  • Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems [Newsroom, The hacker news]

    • Hacks & Breaches:

  • 26 Billion Records Released in “The mother of all breaches” [Jasdev Dhaliwal, McAfee]
  • Student Loan Breach Exposes 2.5M Records [Nate Nelson, Threatpost]

    • Contact Us:

    csirt {at} sanren.ac.za

    CSIRT:

    0x898215F56081EBEB

    Heloise:

    0xD367253D12C5BBBC

    Kgwadi:

    0xDD7E5C2E539972EB

    Sicelo:

    0x2346D2ACE7F536B6

    Maajied:

    0xEE9BE86AD16D89C2