TLDR:
- A possible zero-day vulnerability was discovered in Adobe Reader.
- Researchers were able to hijack the .mobi TLD by spending $20.
- WhatsApp’s View Once feature was exploited in the wild.
SecurityWeek’s cybersecurity news roundup this week highlighted several important stories that may have gone unnoticed. One key discovery was a possible zero-day vulnerability in Adobe Reader, with reports indicating that it may have been exploited in the wild. Researchers also found that they could undermine the entire .mobi TLD after acquiring a legacy WHOIS server domain associated with it for just $20. Additionally, an exploit in WhatsApp’s View Once feature was identified, allowing content to be viewed after it was supposed to disappear.
Another significant finding was the activities of the Scattered Spider ransomware targeting the insurance and financial industries. New macOS malware known as HZ RAT was also analyzed, giving attackers complete control over infected devices. In addition, law enforcement agencies in the US and Romania dismantled criminal organizations using POS and ATM skimmers to clone credit and debit cards.
Google disclosed actions taken against influence operations, and details were revealed on a Windows MSI installer vulnerability exploited in the wild. A report from the FBI showed significant financial fraud involving cryptocurrency, with estimated losses exceeding $5.6 billion in 2023. Overall, this week’s cybersecurity news roundup highlighted the ongoing threats and vulnerabilities that continue to impact the cybersecurity landscape.