Here are this week’s highlights in cybersecurity:

  • A comprehensive report on Ransomware-as-a-Service operations was published by Microsoft describing the inner workings, active threat actors and more. More
  • Costa Rica was hit by Conti ransomware and the hacker group published over 600 GB of government data. More
  • SentinelOne discovered two 10-year-old vulnerabilities in Avast/AVG antivirus. The vulnerabilities can be triggered from sandboxes and might be exploitable in contexts other than just local privilege escalation because they are located in kernel drivers. More
  • CISA released an advisory for a 9.8 Critical vulnerability in F5 BIG-IP. Exploiting the issue leads to an authentication bypass. More
  • A recent report describes malware that stores shellcode in Windows event logs. More
  • NCC Group released a report describing social engineering tactics used by Lazarus group when targeting employees. More
  • Google announced that Chrome & Android users will be able to use Virtual Credit Cards instead of the real credit card number. More
  • The EU published a proposal that, if approved, might mean the end of privacy and end-to-end encryption. More
  • Apple, Google & Microsoft committed to accelerating the availability of passwordless authentication (using private keys). More
  • CrowdStrike published a paper describing the inner workings of an IIS in-memory exploitation framework. More
