Infosec bits for 2024 week 6

Heloise Meyer | Feb. 9, 2024, 2:39 p.m.

Cybersecurity News:

No, 3 million electric toothbrushes were not used in a DDoS attack [Lawrence Abrams, Bleeping Computer]

Cameroon's power utility suffers a cyber attack [Amindeh Blaise Atabong, ITWeb]

African Cybersecurity: Facing 2024's Biggest Hurdles [Tracy Z. Maleeff, Dark Reading]

LockBit Reigns Supreme in Soaring Ransomware Landscape [Kevin Poireault, Infosecurity Magazine]

South African Railways Lost Over $1M in Phishing Scam [John Leyden, Dark Reading]

Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem [Ericka Chickowski, Dark Reading]

Report Highlights Rising Threat of C-Suite QR Code Attacks [Marcus Law, Technology Magazine]

Data Breaches:

Verizon insider data breach hits over 63,000 employees [Bill Toulas, Bleeping Computer]

AnyDesk Hit by Cyber-Attack and Customer Data Breach [Kevin Poireault, Infosecurity Magazine]

Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs [Newsroom, The Hacker News]

Vulnerabilities & Exploits:

Critical Remote Code Execution Vulnerability Patched in Android [Ionut Arghire, SecurityWeek]

New Fortinet RCE flaw in SSL VPN likely exploited in attacks [Lawrence Abrams, Bleeping Computer]

Leaky Vessels' Container Escape Vulnerabilities Impact Docker, Others [Eduard Kovacs, SecurityWeek]