Google engineer turned Chinese spy arrested

Welcome to Gone Phishing, your daily cybersecurity newsletter that knows that just like the sitting (sleeping? 😂) American president, hackers are simply Biden their time, ready to steal anything from an election to your Yahoo password 🙈 #StateoftheUnion… State of it!! 🙃

It’s Friday, folks, which can only mean one thing… It’s time for our weekly segment!

It goes by many names. Patch of the Week, Tweak of the Week. Okay, that’s it.

Congrats, the cybercriminals are no match… for your patch! 🩹🩹🩹

Check out these freshly hatched patches 🐣🐣🐣

An Apple patch a day keeps the hackers at bay 🤓

🚀 Apple's Security Update Blitz! 🍏

Apple has swiftly responded to security concerns with a barrage of updates, tackling two actively exploited vulnerabilities alongside several others. These include CVE-2024-23225, a memory corruption flaw in the Kernel, and CVE-2024-23296 affecting the RTKit real-time operating system. 😱

These vulnerabilities allow attackers to bypass kernel memory protections. But fear not! 🛡️ Apple has beefed up validation in iOS 17.4, iPadOS 17.4, iOS 16.7.6, and iPadOS 16.7.6 to ward off potential attacks.

From iPhone 8 to the latest iPhone XS models and various iPad generations, updates are here to safeguard your devices. 📱 This marks Apple's third zero-day exploit fix this year, emphasising the ever-evolving cybersecurity landscape's importance. Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is flagging more vulnerabilities, underscoring the need for timely updates.

Stay vigilant and keep those devices locked down! 🔒💪

Now, on to today’s hottest cybersecurity stories:

  • 🕵️ Google engineer turned Chinese spy arrested for stealing AI secrets 🤖

  • 📰 Stop the WordPresses! Hacked sites are abusing visitors' browsers 💻

  • 🐼 Chinese threat actor Evasive Panda targets Tibetan users w/ malware 👾

It’s a byte-sized betrayal 😬😬😬

🚨 Espionage Unveiled: Google's Secrets Stolen by Chinese National 🕵️

The U.S. Department of Justice (DoJ) has unmasked a tale of corporate espionage, indicting a 38-year-old Chinese national and California resident for allegedly stealing proprietary information from Google while clandestinely working for two China-based tech companies. 🕵️‍♂️💼🔓

Linwei Ding's Deception Unveiled 🕵️‍♂️💻

Linwei Ding (aka Leon Ding), a former Google engineer, stands accused of transferring over 500 confidential files containing artificial intelligence (AI) trade secrets from Google's network to his personal account while maintaining secret affiliations with Chinese tech firms. Ding, who joined Google in 2019, allegedly orchestrated the theft between May 2022 and May 2023, aiming to bolster the competitive edge of two China-based companies in the AI sector. 🕵️‍♂️🔒💻

The Machinations of Espionage 🕵️‍♂️💼

Ding's modus operandi involved covertly copying Google's trade secrets onto his personal devices and concealing the illicit data transfer by converting them into PDFs. To further obfuscate his actions, Ding allegedly misled Google by allowing another employee to use his access badge to access Google premises while he was, in reality, in China. Ding resigned from Google in December 2023. 🔒

Legal Ramifications and Cybersecurity Implications ⚖️🛡️💼

Ding faces four counts of theft of trade secrets, with each count carrying a maximum penalty of 10 years in prison and a $250,000 fine. This revelation underscores the persistent threat posed by insider threats and foreign espionage, necessitating robust cybersecurity measures and heightened vigilance in safeguarding intellectual property and sensitive data. 🚨🔒💻

Espionage Eclipses Borders 🕵️‍♂️💼

The indictment of Linwei Ding comes on the heels of another high-profile arrest, highlighting the transnational nature of espionage and the insidious tactics employed by threat actors to compromise national security and undermine corporate integrity. As cyber threats continue to evolve, collaborative efforts and enhanced cybersecurity measures are imperative to combatting espionage and safeguarding critical assets. 🛡️🔒

When WordPress comes to shove, will you be protected? 👀😬💀

🚨 WordPress Under Attack: New Threats Uncovered! 🔒

Sucuri's latest findings reveal a surge in brute-force attacks on WordPress sites using malicious JavaScript injections. Threat actors target innocent visitors to launch distributed brute-force attacks, exploiting compromised sites.

💻 Instead of crypto drainers, attackers now employ leaked passwords to breach WordPress sites. The attack unfolds in five stages, allowing unauthorised access to victim sites.

💰 Profit motives may drive this shift, as compromised WordPress sites offer various monetization avenues. Losses from crypto drainers soared in 2023, with attackers exploiting vulnerabilities to bypass security measures.

🛡️ Concurrently, cybersecurity experts warn of exploits targeting WordPress plugins like 3DPrint Lite (CVE-2021-4436) and SocGholish campaigns distributing JavaScript malware via plugin modifications.

⚠️ Stay vigilant! WordPress admins must prioritise patching vulnerabilities and implementing robust security measures to thwart evolving cyber threats.

TL;DR?

🚨 WordPress sites face surge in brute-force attacks.

💼 Profit motives drive attackers to exploit vulnerabilities.

⚠️ Cybersecurity experts warn of plugin-related exploits.

🛡️ Prioritise security measures to safeguard WordPress sites.

It’s like a poor man’s Kung Fu Panda 😒🙃🐼

🐼 Evasive Panda Strikes Again: New Cyber Assaults Target Tibetan Users!

🎯 ESET uncovers a sophisticated cyber campaign by Evasive Panda, aiming to compromise Tibetan users through watering hole and supply chain attacks since September 2023.

💻 The attacks deploy malicious downloaders for Windows and macOS, introducing the MgBot backdoor and the previously unknown Nightdoor Windows implant.

At least three websites were compromised for watering hole attacks, including the Kagyu International Monlam Trust's site, strategically targeting users in India, Taiwan, Hong Kong, Australia, and the U.S.

🌐 The attackers also infiltrated an Indian software company's supply chain, distributing trojanized installers of Tibetan language translation software.

🛡️ Evasive Panda's arsenal includes multiple backdoors and payloads hosted on compromised websites, facilitating data theft and system manipulation.

🔒 Stay vigilant! Cybersecurity measures must be reinforced to combat evolving threats from sophisticated threat actors like Evasive Panda.

TL;DR?

🐼 Evasive Panda orchestrates cyber assaults on Tibetan users since September 2023.

💻 Malicious downloaders deploy MgBot and Nightdoor implants.

🌐 Compromised websites used for watering hole attacks, targeting multiple countries.

🛡️ Supply chain infiltration facilitates distribution of trojanized software.

Cybersecurity measures must be strengthened to counter Evasive Panda's tactics.

That’s all for this week, folks! Stay safe out there and don’t click on anything we wouldn’t! 😉

🗞️ Extra, Extra! Read all about it! 🗞️

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • 🛡️ Tl;dr sec: Join 30,000+ security professionals getting the best tools, blog posts, talks, and resources right in their inbox for free every Thursday 📅

  • 💵 Crypto Pragmatist: Crypto made simple. Actionable alpha in 5 minutes, 3x a week. Join 47,000+ investors and insiders, for 🆓

  • 📈 Bitcoin Breakdown: The best in Bitcoin, carefully curated by an alien from the future 👾

Let us know what you think.

So long and thanks for reading all the phish!
