"FritzFrog Botnet Exploits Log4Shell, PwnKit Vulnerabilities"

The FritzFrog cryptocurrency mining botnet is growing as a recently analyzed variant exploits the Log4Shell and PwnKit vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet, discovered in August 2020, is a Peer-to-Peer (P2P) botnet run by Golang-based malware. It targets SSH servers by brute-forcing login credentials and has successfully compromised thousands of them.

Submitted by Gregory Rigby on

Continuous Reasoning with Gradual Verification
Lead PI:
Jonathan Aldrich
Abstract

This project proposes a program of research aimed at helping developers more quickly construct and repair software, specifications, and proofs within a continuous reasoning process. Our project begins by prototyping a Continuous Assurance system. This system adapts our prior work on Gradual Verification to the context of continuous integration, supporting incremental progress towards proofs through the integration of static and dynamic verification. Once an initial prototype of continuous assurance is complete, we will begin on a Proof Maintenance system, which aims to maintain proofs in a checkable state after evolutionary changes are made to one or more components or their specifications. The final technical component of our approach is a Proof Repair system, which adapts specifications that have been falsified by finding closely related specifications that remain true after an evolutionary step.

Jonathan Aldrich

Jonathan Aldrich is an Associate Professor in the School of Computer Science. He does programming languages and software engineering research focused on developing better ways of expressing and enforcing software design within source code, typically through language design and type systems. Jonathan works at the intersection of programming languages and software engineering. His research explores how the way we express software affects our ability to engineer software at scale. A particular theme of much of his work is improving software quality and programmer productivity through better ways to express structural and behavioral aspects of software design within source code. Aldrich has contributed to object-oriented typestate verification, modular reasoning techniques for aspects and stateful programs, and new object-oriented language models. For his work specifying and verifying architecture, he received a 2006 NSF CAREER award and the 2007 Dahl-Nygaard Junior Prize. Currently, Aldrich is excited to be working on the design of Wyvern, a new modularly extensible programming language.

Performance Period: 01/01/2024 - 03/31/2024
Institution: Carnegie Mellon University

"'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally"

Researchers have discovered four vulnerabilities, collectively called "Leaky Vessels," in container engine components. Three of the vulnerabilities enable attackers to break out of containers and perform malicious actions on the host system. One of the vulnerabilities affects runC, the lightweight container runtime for Docker and other container environments. It is the most critical of the four vulnerabilities, scoring 8.6 on the CVSS scale.

Submitted by Gregory Rigby on

"Pump-and-Dump Schemes Make Crypto Fraudsters $240m"

According to security researchers at Chainalysis, market manipulators may have made over $240m last year by artificially inflating the value of Ethereum tokens. Chainalysis investigated the 370,000 tokens launched on Ethereum between January and December 2023, 168,600 of which were available to trade on at least one decentralized exchange (DEX).

Submitted by Adam Ekwall on

"New NCCoE Guide Helps Major Industries Observe Incoming Data While Using Latest Internet Security Protocol"

The National Institute of Standards and Technology (NIST) has released a practice guide covering methods aimed at helping major industries implement the Internet security protocol TLS 1.3, as well as conduct network monitoring and auditing safely, securely, and effectively. Companies in finance, healthcare, and other major industries must follow best practices for monitoring incoming data for cyberattacks. TLS 1.3 provides advanced protection but complicates the performance of required data audits.

Submitted by Gregory Rigby on

"Europcar Dismisses Data Leak Claims as AI Fake"

Europcar, a global car rental company, has denied claims of a data breach, arguing that the Europcar data posted online by threat actors was generated using ChatGPT, the Artificial Intelligence (AI)-powered chatbot. An advertisement on a popular data leak forum claims that attackers are selling the personal information of 50 million Europcar customers. The authors say they accessed usernames, passwords, home addresses, passport numbers, and other sensitive information. However, the company says this advertisement is false, and the sample data is likely ChatGPT-generated.

Submitted by Gregory Rigby on

"Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware"

According to Guardio Labs researchers, the phishing ecosystem has become highly accessible due to Telegram's emergence as a hub for cybercrime, allowing threat actors to launch massive attacks inexpensively. The messaging app has evolved into a place where cybercriminals of different skill levels can exchange illicit tools and insights, resulting in an effective supply chain of tools and victim data. They are sharing free samples, tutorials, kits, and other components that could help build a malware campaign.

Submitted by Gregory Rigby on

"A Zero-Day Vulnerability (And PoC) to Blind Defenses Relying on Windows Event Logs"

A zero-day vulnerability, discovered by a security researcher named Florian and reported to Microsoft, has the potential to crash the Windows Event Log service on all supported (and some legacy) versions of Windows. The exploitation of this vulnerability by a malicious actor could cause significant problems for enterprise defenders. The vulnerability has not yet been patched, but in the meantime, the researcher has received permission from the company to publish a Proof-of-Concept (PoC) exploit.

Submitted by Gregory Rigby on

"Hack of PJ&A Tops 2023 US Healthcare Data Breaches as Tally Jumps by 4M"

An attack on the medical transcription company Perry Johnson & Associates (PJ&A) is now considered the largest US health sector data breach that occurred in 2023. PJ&A provides transcription services to medical facilities in the US, so it holds sensitive information about millions of Americans. Last year, hackers breached the company between March 27 and May 2, later stealing personal data from its systems in April. PJ&A disclosed that the breach affected more than 8.95 million people.

Submitted by Gregory Rigby on