Brief

Brief #65: Critical Windows IPv6 Flaw, Malicious Browser Extensions, EDR-Killing Malware, and AI-Generated Election Influence

Week 33: Critical Windows IPv6 flaw likely to be exploited, widespread malware installs malicious browser extensions, new EDR-killing malware discovered, and OpenAI bans accounts using ChatGPT for election influence.

10 min read
mandos brief newsletter for cybersecurity professionals for week 33 of 2024

Before you start your Monday, catch up on the latest in cybersecurity!

A widespread malware campaign is forcefully installing malicious browser extensions, while OpenAI takes action against accounts linked to an Iranian influence operation using ChatGPT. On the business front, CrowdStrike is in talks to acquire Action1, potentially enhancing their update processes.


Mandos Brief - Industry News
Mandos Brief - Industry News

Critical Windows IPv6 RCE Vulnerability Likely to Be Exploited


Widespread Malware Campaign Forcefully Installs Malicious Browser Extensions


New EDR-Killing Malware Loader Discovered: EDRKillShifter


GitHub Open Source Projects Exposed to Attack via Workflow Artifacts


0.0.0.0 Day: Browsers Allow Websites to Exploit Local Services

Mandos Brief - Leadership Insights
Mandos Brief - Leadership Insights

CISOs Share Strategies for Thriving in a VUCA World


Securing Development Workflows: Insights from Field CISO Paul Davis


Security is a Subset of Software Quality, But Challenges Remain


Mandos Brief - Career Development
Mandos Brief - Career Development

Suspicious Activity Discovered During Windows Forensic Investigation


Sysadmins Share How Attackers Breached Their Systems


Foundations of Operationalizing MITRE ATT&CK Course Introduces Key Concepts


Mandos Brief - AI & Security
Mandos Brief - AI & Security

OpenAI Bans Accounts Linked to Iranian Influence Operation Using ChatGPT


Securing LLM-Backed Systems Requires Careful Authorization Design


MIT Researchers Create "Living Database" of 777 AI Risks


Mandos Brief - Market Analysis
Mandos Brief - Market Analysis

CrowdStrike in Talks to Acquire Action1 for $1B After Falcon Update Mishap


Medical Device Cybersecurity Solutions Market to Reach $32.94 Billion by 2028


Insight Partners and Sixth Street Invest $456M in Kiteworks at $1B+ Valuation


Mandos Brief - Cybersecurity Tools
Mandos Brief - Cybersecurity Tools

Bane

Custom AppArmor profile generator for Docker containers with file globbing.


Chaosreader

Chaosreader is a tool for ripping files from network sniffing dumps and replaying various protocols and file transfers.


Whatweb

A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.

Thank You

If you found this newsletter useful, I'd really appreciate if you could forward it to your friends and share your feedback below!

Have questions? Let me know in the comments or on LinkedIn and Mastodon.

Best, 
Nikoloz

Share This Post

Check out these related posts

Brief #83: TP-Link Ban, LastPass Breach Impact, SOC Analyst Crisis

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 9 min read

Brief #82: Apple iCloud Vulnerability, Cloud Security Skills Gap, SolarWinds ARM Flaw

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 9 min read

Brief #81: OpenAI Container Risks, Cloudflare Tunnel Attacks, AWS IR Service Launch

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 9 min read