Friday Wrap Up: 23 Aug 2024

It's been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.

Cybersecurity Breaches and Vulnerabilities

?? FlightAware alerts users to reset passwords following a data security incident that may have exposed personal information. (Published on 8/19/2024, Bleeping Computer). Read More

?? Google Pixel phones found with a Verizon app that serves as a potential backdoor for attackers. (Published on 8/19/2024, Dark Reading). Read More

??? A massive data breach has been confirmed in the National Public Data, underscoring the need for stronger data protection measures. (Published on 8/19/2024, Dark Reading). Read More

??? Bugs in Microsoft apps for macOS could allow attackers to take control of cameras, microphones, and screen recordings. (Published on 8/19/2024, Malware News). Read More

?? Banshee Stealer malware targets macOS systems, stealing data from browser extensions and iCloud Keychain. (Published on 8/19/2024, Malware News). Read More

?? Critical vulnerability in the GiveWP WordPress plugin exposed 100,000 sites to potential takeover. (Published on 8/20/2024, SecurityWeek). Read More

?? Major backdoor in millions of RFID cards enables instant cloning of smart cards used in offices and hotels. (Published on 8/20/2024, SecurityWeek). Read More

?? IRGC-linked hackers utilize a monolithic Trojan to consolidate malware backdoor operations. (Published on 8/20/2024, Dark Reading). Read More

?? August Windows updates cause dual-boot issues on Linux systems with Secure Boot enabled. (Published on 8/20/2024, BleepingComputer). Read More

?? Hackers lock Unicoin staff out of Google accounts for four days by compromising their Workspace account. (Published on 8/20/2024, BleepingComputer). Read More

New Threats and Exploits

?? New MoonPeak Trojan deployed by North Korean hackers in an ongoing cyber campaign. (Published on 8/21/2024, The Hacker News). Read More

?? New macOS malware 'TodoSwift' linked to North Korean hacking groups poses a fresh threat. (Published on 8/21/2024, The Hacker News). Read More

?? Google fixes a high-severity Chrome flaw actively exploited in the wild, preventing further attacks. (Published on 8/21/2024, The Hacker News). Read More

?? Hardcoded credential vulnerability found in SolarWinds Web Help Desk software prompts urgent patch. (Published on 8/22/2024, The Hacker News). Read More

Industry News and Reports

??? NSA issues new guidelines for improving logging and threat detection to combat living-off-the-land attacks. (Published on 8/22/2024, Dark Reading). Read More

??? Phrack hacker zine releases a new edition after a three-year hiatus, featuring latest insights and hacking techniques. (Published on 8/21/2024, BleepingComputer). Read More

?? Critical Jenkins RCE bug remains under active exploitation due to delayed patching efforts. (Published on 8/21/2024, Dark Reading). Read More

?? FBI Director warns of elevated threats ranging from cybercrime to terrorism, calling for increased cooperation with the private sector. (Published on 8/23/2024, SecurityWeek). Read More

Recent Cyberattacks and Incidents

?? Microchip Technology discloses a cyberattack impacting some of its manufacturing facilities. (Published on 8/21/2024, SecurityWeek). Read More

??? Halliburton confirms a cyberattack that led to a temporary shutdown of its systems. (Published on 8/23/2024, BleepingComputer). Read More

Unusual Cybercrime Stories

?? A hacker tried to fake his death by hacking state registries to avoid child support obligations. (Published on 8/23/2024, SecurityWeek). Read More

?? New Qilin ransomware attack involves VPN credential theft and Chrome data exfiltration, marking a novel attack vector. (Published on 8/23/2024, The Hacker News). Read More

??? Greasy Opal's CAPTCHA solver continues to fuel cybercrime after 16 years, providing tools to bypass account security solutions. (Published on 8/23/2024, BleepingComputer). Read More

and finally in non-cyber or tech news...

Entertainment News

??♂? Rings of Power introduces Ciarán Hinds as a new, mysterious Dark Wizard in season 2, raising questions about his true identity. (Published on 8/23/2024, Gizmodo). Read More

?? Lucasfilm's decision to move away from The Acolyte could signal a new direction for the future of Star Wars. (Published on 8/20/2024, Gizmodo). Read More

Science and Health

?? New research sheds light on how fasting impacts gut health, revealing its complex biological effects. (Published on 8/22/2024, Gizmodo). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!

Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.