1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2024 week 8

Maajied Moos | Feb. 26, 2024, 8:03 a.m.

Cybersecurity news:

  • SolarWinds fixes critical RCE bugs in access rights audit solution [Edge Editors, Dark Reading]
  • Cyber threats cast shadow over 2024 elections [Help Net Security, Help Net Security]
  • Clean links and sophisticated scams mark new era in email attacks [Help Net Security, Help Net Security]
  • Watching out for the fakes: How to spot online disinformation [Márk Szabó, We Live Security]
  • Vulnerabilities & Patches:

  • Eight Vulnerabilities Disclosed in the AI Development Supply Chain [Kevin Townsend, Security Week]
  • SolarWinds fixes critical RCE bugs in access rights audit solution [Sergiu Gatlan, Bleeping Computer]
  • Over 28,500 Exchange servers vulnerable to actively exploited bug [Bill Toulas, Bleeping Computer]
  • Hackers exploit critical RCE flaw in Bricks WordPress site builder [Bill Toulas, Bleeping Computer]
  • VMware client plug-in has critical vulnerability [Richard Chirgwin, IT News]
  • Chrome 122, Firefox 123 Patch High-Severity Vulnerabilities [Ionut Arghire, Security Week]
  • Critical ConnectWise RMM Bug Poised for Exploitation Avalanche [Tara Seals, Dark Reading]
  • Hacks & Breaches:

  • ALPHV ransomware claims loanDepot, Prudential Financial breaches [Sergiu Gatlan, Bleeping Computer]
  • Chinese Hacking Contractor iSoon Leaks Internal Documents [Akshaya Asokan, David Perera, Bank Info Security]
  • Malware:

  • Alpha ransomware linked to NetWalker operation dismantled in 2021 [Bill Toulas, Bleeping Computer]
  • Iran Warship Aiding Houthi Pirates Hacked by US [Dark Reading Staff, Dark Reading]
  • Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices [Newsroom, The Hacker News]
  • LockBit ransomware gang disrupted by global operation [Simon Sharwood, The Register]
  • Top UK Universities Recovering Following Targeted DDoS Attack [James Coker, InfoSecurity Magazine]