Security Brief: LastPass, GhostEngine,Rockwel,OmniVision, QNAP QTS, Apple, Google, Incognito darkweb

Welcome to Security brief for week 21
#cybernews #cybersecurity #informationsecurity #infosec

OUTLINE:

00:00:00 - Welcome
00:00:06 - QNAP QTS zero-day in Share feature gets public RCE exploit
00:01:33 - Owner of Incognito dark web drugs market arrested in New York
00:03:29 - OmniVision discloses data breach after 2023 ransomware attack
00:05:33 - Rockwell Automation warns admins to take ICS devices offline
00:06:34 - GhostEngine mining attacks kill EDR security using vulnerable drivers
00:08:30 - LastPass is now encrypting URLs in password vaults for better security
00:09:42 - Intercontinental Exchange to pay $10M SEC penalty over VPN breach
00:11:16 - Northern Ireland police faces £750k fine after exposing staff info
00:13:30 - Apple wasn’t storing deleted iOS photos in iCloud after all
00:14:26 - Microsoft spots gift card thieves using cyber-espionage tactics
00:16:05 - Google fixes eighth actively exploited Chrome zero-day this year
00:17:01 - End

Sources:

QNAP QTS zero-day in Share feature gets public RCE exploit
https://www.bleepingcomputer.com/news/security/qnap-qts-zero-day-in-share-feature-gets-public-rce-exploit/

Owner of Incognito dark web drugs market arrested in New York
https://www.bleepingcomputer.com/news/security/owner-of-incognito-dark-web-drugs-market-arrested-in-new-york/

OmniVision discloses data breach after 2023 ransomware attack
https://www.bleepingcomputer.com/news/security/omnivision-discloses-data-breach-after-2023-ransomware-attack/

Rockwell Automation warns admins to take ICS devices offline
https://www.bleepingcomputer.com/news/security/rockwell-automation-warns-admins-to-take-ics-devices-offline/

GhostEngine mining attacks kill EDR security using vulnerable drivers
https://www.bleepingcomputer.com/news/security/ghostengine-mining-attacks-kill-edr-security-using-vulnerable-drivers/

LastPass is now encrypting URLs in password vaults for better security
https://www.bleepingcomputer.com/news/security/lastpass-is-now-encrypting-urls-in-password-vaults-for-better-security/

Intercontinental Exchange to pay $10M SEC penalty over VPN breach
https://www.bleepingcomputer.com/news/security/intercontinental-exchange-to-pay-10m-sec-penalty-over-vpn-breach/

Northern Ireland police faces £750k fine after exposing staff info
https://www.bleepingcomputer.com/news/security/northern-ireland-police-faces-750k-fine-after-exposing-staff-info/

Apple wasn’t storing deleted iOS photos in iCloud after all
https://www.bleepingcomputer.com/news/security/apple-wasnt-storing-deleted-ios-photos-in-icloud-after-all/

Microsoft spots gift card thieves using cyber-espionage tactics
https://www.bleepingcomputer.com/news/security/microsoft-spots-gift-card-thieves-using-cyber-espionage-tactics/

----------
Follow me:
youtube @kevnowledgy
instagram.com @kevnowledgyy
X.com @kevnowledgy