Revoked Certs, Microsoft Outage, and Sitting Ducks

Security Digest for 2 August 2024:

Podcast Requested Feedback: https://forms.gle/w2RB5DRzbbvu3ziS7

Notable News:
Certificate Revocation Incident | DigiCert
1910322 - DigiCert: Random value in CNAME without underscore prefix (mozilla.org)
DigiCert Status - DigiCert Revocation Incident (CNAME-Based Domain Validation)

Azure status history | Microsoft Azure

Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps - Zimperium

Zscaler ThreatLabz 2024 Ransomware Report I Threat Research
Cost of a data breach 2024 | IBM

OneDrive Pastejacking (trellix.com)

Threat actor impersonates Google via fake ad for Authenticator | Malwarebytes

BingoMod: The new android RAT that steals money and wipes data | Cleafy Labs

Who Knew? Domain Hijacking is So Easy | Infoblox
Ducks Now Sitting (DNS): Internet Infrastructure Insecurity - Eclypsium | Supply Chain Security for the Modern Enterprise

Threat Actor Abuses Cloudflare Tunnels to Deliver RATs | Proofpoint US

Ransomware Details | OneBlood

Prevalent Patches:
Security notices | Ubuntu

Red Hat Product Errata - Red Hat Customer Portal

CISA Corner:

CISA Adds One Known Exploited Vulnerability to Catalog | CISA
CISA Releases Nine Industrial Control Systems Advisories | CISA
CISA Names First Chief Artificial Intelligence Officer | CISA