TLDR

TLDR Information Security 2024-07-31

Mandrake Android Spyware πŸ‘οΈβ€πŸ—¨οΈ, Selenium Grid services malware πŸ”Œ, Google workspace auth bypass πŸ”“

The [streaming] CISO Summit β€” let's talk data security (Sponsor)

πŸ”“
Attacks & Vulnerabilities

Ransomware Operators Exploit Hypervisor Vulnerability for Mass Encryption (9 minute read)

Thousands Download New Mandrake Android Spyware Version From Google Play (2 minute read)

Meta's AI safety system defeated by the space bar (3 minute read)

🧠
Strategies & Tactics

SeleniumGreed: Threat Actors Exploit Exposed Selenium Grid Services for Cryptomining (10 minute read)

Breaking iChano AtHome's Network Encryption With Frida (6 minute read)

How to Write a Generative AI Cybersecurity Policy (6 minute read)

πŸ§‘β€πŸ’»
Launches & Tools

RedGuard (GitHub Repo)

Lineaje (Product Launch)

Arcjet-js (GitHub Repo)

Flashpoint 2024 Global Threat Intelligence Report: what's causing the surge in data theft and ransomware? (Sponsor)

🎁
Miscellaneous

SideWinder Utilizes New Infrastructure to Target Ports and Maritime Facilities in the Mediterranean Sea (9 minute read)

Meta to pay $1.4 billion settlement with Texas over facial recognition and photo tags (3 minute read)

Controversial internet bill KOSA passed by Senate (4 minute read)

⚑️
Quick Links

AI-Powered Deepfake Tools Becoming More Accessible Than Ever (2 minute read)

Crooks Bypassed Google's Email Verification to Create Workspace Accounts, Access 3rd-Party Services (2 minute read)

Cyber ransom payments will need to be disclosed by Australian businesses under new laws (6 minute read)

Curated news πŸ“°, research πŸ§‘β€πŸ”¬, and tools πŸ”’ for information security professionals
Join 280,000 readers for one daily email