Mar 3, 2024
6 min read
Brief #41: 100k Infected Repos, Lazarus Zero-Day, Ubiquiti Hack
Ad fraud campaign using 8k+ domains, Lazarus Group's Windows zero-day exploit, and Russian hackers' Ubiquiti routers hijack.
The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
Ad fraud campaign using 8k+ domains, Lazarus Group's Windows zero-day exploit, and Russian hackers' Ubiquiti routers hijack.
US pharmacies hit by nation-state cyberattack, Apple Shortcuts vulnerability, Microsoft's PyRIT for AI security, SSH-Snake exploited, LockBit disrupted.
Week's focus: iOS Trojan GoldPickaxe targeting APAC, Akira ransomware exploits Cisco vulnerability. Plus, Exchange Server risk and state-sponsored attacks.
This week: Critical Linux Shim vulnerability exposed, Chinese espionage on Dutch Military, massive data theft by ResumeLooters, Ivanti's patch, BitLocker bypass.
This week's highlights: Nation-state hacks Cloudflare, Vimeo used for malware delivery. Mercedes GitHub leak & EFB hacking risks.
APT29's bold attacks on HPE and Microsoft, the rise of Blackwood APT with NSPX30, Jenkins server vulnerabilities, and more
Explore Mandos Brief #35, week 3 of 2024: Midnight Blizzard's Microsoft email breach, Naz.API's 70M password leak, Chrome's critical zero-day. Stay secure.
Explore Mandos Brief #34 for week 2 of 2024: GitLab's account takeover flaw, Ivanti VPN's APT exploitation, SpectralBlur backdoor, and latest ransomware decryptors.
SMTP Smuggling impacts email security, Google's MultiLogin exploit, BGP hijacking at Orange Spain, Bitwarden's CVE-2023-27706, and new DLL Hijacking in Windows.
Get the CISO Lens: founder-led positioning audits, competitive benchmarks, and advisory for cybersecurity vendors who need CISOs to actually pay attention.
