Infosec bits for 2024 week 40
Maajied Moos | Oct. 7, 2024, 8:03 a.m.
Cybersecurity News:
3 tips for securing IoT devices in a connected world [Marc Laliberte, Help Net Security]
Red team hacker on how she 'breaks into buildings and pretends to be the bad guy' [Jessica Lyons, The Register]
[Help Net Security, Help Net Security]
Cracking the Cloud: The Persistent Threat of Credential-Based Attacks [Kevin Townsend, Security Week]
The fix for BGP's weaknesses has big, scary, issues of its own, boffins find [Simon Sharwood, The Register]
Vulnerabilities & Patches:
Progress urges admins to patch critical WhatsUp Gold bugs ASAP [Sergiu Gatlan, Bleeping Computer]
Arc browser launches bug bounty program after fixing RCE bug [Bill Toulas, Bleeping Computer]
Zimbra RCE Vuln Under Attack Needs Immediate Patching [Jai Vijayan, Dark Reading]
Spooky action: Phantom domains create hijackable hyperlinks [Doug Bonderud, Security Intelligence]
DrayTek fixed critical flaws in over 700,000 exposed routers [Bill Toulas, Bleeping Computer]
Malware:
New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users [Ravie Lakshmanan, The Hacker News]
JPCERT shares Windows Event Log tips to detect ransomware attacks [Bill Toulas, Bleeping Computer]
MDR in Action: Preventing The More_eggs Backdoor From Hatching [Ryan Soliven, Maria Emreen Viray, Fe Cureg, Trend Micro]
New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys [WAQAS, Hack Read]
Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning [Chris Navarrete, Qian Feng, Durgesh Sangvikar, Yanhui Jia, Unit 42 Palo Alto Networks]
Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit [Ravie Lakshmanan, The Hacker News]
Breaches & Leaks:
Agence France-Presse says cyberattack targeted IT systems [Jonathan Greig, The Record]
Facial DNA provider leaks biometric data via WordPress folder [WAQAS, Hack Read]