Infosec bits for 2024 week 6
Heloise Meyer | Feb. 9, 2024, 2:39 p.m.
Cybersecurity News:
No, 3 million electric toothbrushes were not used in a DDoS attack [Lawrence Abrams, Bleeping Computer]
Cameroon's power utility suffers a cyber attack [Amindeh Blaise Atabong, ITWeb]
African Cybersecurity: Facing 2024's Biggest Hurdles [Tracy Z. Maleeff, Dark Reading]
LockBit Reigns Supreme in Soaring Ransomware Landscape [Kevin Poireault, Infosecurity Magazine]
South African Railways Lost Over $1M in Phishing Scam [John Leyden, Dark Reading]
Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem [Ericka Chickowski, Dark Reading]
Report Highlights Rising Threat of C-Suite QR Code Attacks [Marcus Law, Technology Magazine]
Data Breaches:
Verizon insider data breach hits over 63,000 employees [Bill Toulas, Bleeping Computer]
AnyDesk Hit by Cyber-Attack and Customer Data Breach [Kevin Poireault, Infosecurity Magazine]
Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs [Newsroom, The Hacker News]
Vulnerabilities & Exploits:
Critical Remote Code Execution Vulnerability Patched in Android [Ionut Arghire, SecurityWeek]
New Fortinet RCE flaw in SSL VPN likely exploited in attacks [Lawrence Abrams, Bleeping Computer]
Leaky Vessels' Container Escape Vulnerabilities Impact Docker, Others [Eduard Kovacs, SecurityWeek]