It's been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.

Malware and Cyberattacks

🚨 Android's Necro malware infects 11 million devices via malicious SDKs on Google Play, exposing users to significant security risks. (Published on 9/23/2024, BleepingComputer). Read More

🐍 North Korean actors deploy new PondRAT malware via poisoned Python packages, targeting software developers. (Published on 9/23/2024, The Hacker News). Read More

🚰 Kansas water plant hit by a cyberattack, forcing manual operations to ensure the water supply remains unaffected. (Published on 9/24/2024, BleepingComputer). Read More

🌪️ China's state-sponsored group, 'Salt Typhoon,' launches cyberattacks on U.S. ISPs, targeting high-value communication networks. (Published on 9/25/2024, Dark Reading). Read More

🔧 Researchers uncover the Splinter post-exploitation tool, a new Rust-based threat targeting multiple systems. (Published on 9/25/2024, The Hacker News). Read More

Vulnerabilities and Patches

💥 Critical vulnerabilities in Automated Tank Gauges threaten gas stations, airports, and other sensitive locations. (Published on 9/24/2024, Dark Reading). Read More

🛡️ Nvidia's critical container flaw exposes cloud AI systems to potential host takeovers via code execution and privilege escalation. (Published on 9/26/2024, SecurityWeek). Read More

🔧 OpenPLC vulnerabilities for DoS and remote code execution have been patched, mitigating severe threats. (Published on 9/26/2024, SecurityWeek). Read More

🛡️ Five Eyes agencies release joint guidance for detecting Active Directory intrusions to enhance cybersecurity defenses. (Published on 9/27/2024, SecurityWeek). Read More

Cybersecurity Policy and Regulations

🚗 The U.S. Commerce Department proposes banning automotive software and hardware from China and Russia, citing national security concerns. (Published on 9/23/2024, Dark Reading). Read More

🖥️ Google accuses Microsoft of antitrust violations, citing unfair penalties for Azure customers who use other cloud providers. (Published on 9/25/2024, Ars Technica). Read More

Cyber Incidents and Outages

🔒 MoneyGram services go offline due to unresolved cyber issues, leaving users without access for four days. (Published on 9/24/2024, Dark Reading). Read More

🔑 Meta fined $101 million for storing millions of user passwords in plaintext, a major security lapse. (Published on 9/27/2024, Ars Technica). Read More

Industry Insights and Trends

🛡️ Secure your browser, the most attacked enterprise app, with advanced cloud management, according to Menlo Security. (Published on 9/26/2024, Malware News). Read More

📊 Is synthetic data the key to future AI model training? It offers scalability but comes with risks. (Published on 9/27/2024, InformationWeek). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!