CWN #5 - 2023 week 15
A few titbits about PinDuoDuo, the Rorschach ransomware, a Twitter vulnerability, logging in AWS and others...
This was another busy week with no time to write, so this issue is only a collection of links.
Links of the week
Lazarus confirmed for the 3CX compromise: https://duo.com/decipher/lazarus-group-gopuram-backdoor-found-at-some-3cx-victims
The PinDuoDuo app extensively tracks its users (and leverages Android vulnerabilities to do so...): https://duo.com/decipher/lazarus-group-gopuram-backdoor-found-at-some-3cx-victims
A new ransomware, Rorschach, exploits the Cortex XDR Dump Service Tool (DLL side-loading) and encrypts files quickly: https://research.checkpoint.com/2023/rorschach-a-new-sophisticated-and-fast-ransomware/
A first vulnerability assigned to Twitter: a denial of service via the reduction of a user's reputation score: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29218
The EU wants to deploy a "shield" for everyone: https://www.phonandroid.com/leurope-va-creer-un-cyber-bouclier-pour-se-proteger-contre-les-pirates.html
Good streak! Last week it was the turn of the Genesis marketplace to be taken down: https://www.securityweek.com/success-of-genesis-market-takedown-attempt-called-into-question/
Chaos engineering in your CI/CD pipeline: https://kellyshortridge.com/blog/posts/69-ways-to-mess-up-your-deploy/
Windows drivers used by threat actors (LOLDrivers): https://www.loldrivers.io/
An updated guide on what to log, and how, in AWS: https://aws.amazon.com/fr/blogs/security/logging-strategies-for-security-incident-response/
Conclusion
This is going to be a great week!