TLDR

TLDR Information Security 2024-02-09

Helmet app silent tracking flaw πŸ‚, Cybercrime duo found stealing $2.5M from Apple 🍏, Ransomware payments reached $1.1B πŸ’Έ

πŸ”“
Attacks & Vulnerabilities

Security flaw in a popular smart helmet allowed silent location tracking (3 minute read)

Chinese Hacking Campaign Aimed at Critical Infrastructure Goes Back Five Years (2 minute read)

Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros (3 minutes read)

🧠
Strategies & Tactics

Yara Threat Detection Lab (6 minute read)

KMS Key Policy Privilege Escalation (5 minute read)

Shellcode evasion using WebAssembly and Rust (5 minute read)

πŸ§‘β€πŸ’»
Launches & Tools

reNgine (GitHub Repo)

electroniz3r (GitHub Repo)

Ansible Role Hardening (GitHub Repo)

🎁
Miscellaneous

US agency declares AI cloned voice robocalls illegal (3 minute read)

Cybercrime duo accused of picking $2.5M from Apple's orchard (4 minute read)

Surge in deepfake β€œFace Swap” attacks puts remote identity verification at risk (2 minute read)

⚑️
Quick Links

Critical Security Issue Affecting TeamCity On-Premises (CVE-2024-23917) – Update to 2023.11.3 Now (5 minute read)

Hack Tricks Plagiarized Content From Cloud Creators (X Thread)

Ransomware Payments Reached Record $1.1B in 2023 (3 minute read)

Curated news πŸ“°, research πŸ§‘β€πŸ”¬, and tools πŸ”’ for information security professionals
Join 300,000 readers for one daily email
PrivacyCareersAdvertise