News

Hi folks,

Almost missed an issue for the first time, but hell no! Yesterday was filled with studying and a test, next Friday is the big exam. After that normal business should resume :-)

Thanks for bearing with me!

Dieter





Quick stories

  • HackerOne urges U.S. to advocate for research protections in UN cybercrime treaty: link.
  • North Korean hackers create Flutter apps to bypass macOS security: link.
  • iPhones now auto-restart to block access to encrypted data after long idle times: link.

Breaches and leaks

  • Amazon confirms employee data breach after vendor hack: link.
  • HIBP notifies 57 million people of Hot Topic data breach: link.
  • Leaked info of 122 million linked to B2B data aggregator breach: link.
  • Botnet exploits GeoVision zero-day to install Mirai malware: link.
  • 2 million records, including the PII of job seekers, exposed online by a tech recruitment service: link.
  • Halliburton reports $35 million loss after ransomware attack: link.
  • Hungary confirms hack of defense procurement agency: link.
  • Wisconsin city of Sheboygan says ransom demanded after cyberattack: link.
  • Cyberattack causes credit card readers to malfunction in Israel: link.

Issues and fixes

  • Mystery Palo Alto Networks 0-day RCE now actively exploited: link.
  • Palo Alto Networks’ customer migration tool hit by trio of CVE exploits: link.
  • Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws: link.
  • Unpatched Mazda Connect bugs let hackers install persistent malware: link.
  • Critical bug in EoL D-Link NAS devices now exploited in attacks: link.
  • Critical Veeam RCE bug now used in Frag ransomware attacks: link.
  • Microsoft says recent Windows 11 updates break SSH connections: link.