In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs

Weekly cybersecurity news roundup providing a summary of noteworthy stories that might have slipped under the radar.

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:

Quickly hitting Enter key to hack an encrypted Linux computer 

Researchers at Pulse Security discovered that an attacker who has physical access to an encrypted Linux system can gain local root access to the computer — bypassing full-disk encryption — by quickly hitting Enter on the keyboard or using a special device to simulate the process. These types of attacks are not new. 

High-severity vulnerability patched in Chrome 

A new Chrome 116 update patches a high-severity use-after-free vulnerability. These types of flaws can typically be combined with other bugs for sandbox escapes and remote code execution. The bug bounty for the vulnerability has yet to be determined by Google. 

Google details Android fuzzing efforts

Google has published a blog post detailing its Android fuzzing efforts, including how it finds vulnerabilities, why it continues to invest in fuzzing, challenges, and how others can contribute. 

Top-level domains and DNS issues

Cisco Talos has conducted research into top-level domain (TLD) and DNS issues, highlighting potential risks related to the .kids TLD, ‘zombified’ DNS name issues related to various country TLDs, as well as problems with second-level TLDs.

Skype mobile app is leaking IP addresses

The Skype mobile application is leaking IP addresses, according to a report from 404 Media. A hacker can obtain a targeted user’s IP by sending them a link over Skype — the victim does not have to interact with the link. Microsoft has been notified, but the company is not rushing to patch it. 

Rackspace says cost of ransomware attack remediation tops $10 million (so far)

After being hit by a ransomware attack in December 2022, cloud computing company Rackspace said in a recent earnings presentation that it has spent $10.8 million so far responding to the incident that impacted its hosted Exchange infrastructure, forcing it to sunset the offering. The company said it expects to continue to incur legal and other professional services costs in future periods.

University of Michigan cyberattack

The University of Michigan has been targeted in a cyberattack that resulted in significant disruptions to its systems, as well as internet outages. The university has not shared any information on the attack itself, citing an ongoing investigation. 

CISA and FBI release QakBot infrastructure indicators of compromise (IOCs)

CISA and the FBI have released IoCs associated with the recently disrupted QakBot botnet infrastructure. The botnet was targeted as part of an international law enforcement operation that involved the distribution of a utility designed to automatically remove the malware from infected systems.  

Classiscam cybercrime groups made millions by scamming users worldwide

Group-IB has a report on Classiscam, a scam operation that has allowed hundreds of cybercrime groups to make nearly $65 million by targeting individuals across 79 countries, tricking them into sending money for nonexistent goods sold online. An automated scam-as-a-service program has made it easier for scammers to conduct their activities.

Malwarebytes laying off 100 employees 

Cybersecurity firm Malwarebytes has laid off 100 employees as it prepares to separate its consumer- and enterprise-focused business units. Last year, the company terminated 14% of its staff (roughly 125 people). 
