Study - Technical - LMS-SFC EN) - Cyber Security - News Archive July 2022
Cyber Security - News Archive
July 2022
31.07.2022
- News
from cyber security.
- Week in review:
Attackers abandoning malicious macros, average data
breach cost soars. (to
the original material)
- Australia charges
dev of Imminent Monitor RAT used by domestic abusers.
(to
the original material)
- Huge network of
11,000 fake investment sites targets Europe. (to
the original material)
- Threat actor claims
to have hacked European manufacturer of missiles MBDA.
(to
the original material)
- 17 Android Apps on
Google Play Store, dubbed DawDropper, were serving
banking malware. (to
the original material)
- Security Affairs
newsletter Round 376 by Pierluigi Paganini. (to
the original material)
- North Korea-linked
SharpTongue spies on email accounts with a malicious
browser extension. (to
the original material)
30.07.2022
- News
from cyber security.
- Adware cleaner
apps promoted on Facebook sneaked into the Play
Store. (to
the original material)
- Meta (Facebook),
U.S. hospitals sued for tracking patients on medical
portals. (to
the original material)
- Facebook ads push
Android adware with 7 million installs on Google
Play. (to
the original material)
- Melbourne Man
Charged With Creating Global Spyware. (to
the original material)
- Reading the
“ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS”
report. (to
the original material)
- CISA orders to
patch an actively exploited flaw in Confluence
servers. (to
the original material)
29.07.2022
- News
from cyber security.
- Ransomware:
Publicly Reported Incidents are only the tip of the
iceberg. (to
the original material)
- CISA Adds One
Known Exploited Vulnerability to Catalog. (to
the original material)
- Attackers are
slowly abandoning malicious macros. (to
the original material)
- New infosec
products of the week: July 29, 2022. (to
the original material)
- Why there is no
quick fix for cyber attacks. (to
the original material)
- Researchers
create key tech for quantum cryptography
commercialization. (to
the original material)
- Using real
customer data in testing environments creates
unnecessary risk. (to
the original material)
- CISA warns of
critical Confluence bug exploited in attacks. (to
the original material)
- US govt warns
Americans of escalating SMS phishing attacks. (to
the original material)
- LockBit
ransomware abuses Windows Defender to load Cobalt
Strike. (to
the original material)
- Microsoft links
Raspberry Robin malware to Evil Corp attacks. (to
the original material)
- Justice
Department Probing 2020 Federal Court System Breach.
(to
the original material)
- CyberArk,
Delinea, One Identity Top Gartner MQ for PAM
(Privileged Access Management). (to
the original material)
- Ukraine, US Sign
Cybersecurity Pact. (to
the original material)
- ISMG Editors:
Privacy Special With Lisa Sotto. (to
the original material)
- Facebook Slapped
With Another Health Data Privacy Lawsuit. (to
the original material)
- Microsoft experts
linked the Raspberry Robin malware to Evil Corp
operation. (to
the original material)
- Strong
Authentication – Robust Identity and Access
Management Is a Strategic Choice. (to
the original material)
- Exploitation is
underway for a critical flaw in Atlassian Confluence
Server and Data Center. (to
the original material)
- Malware-laced npm
packages used to target Discord users. (to
the original material)
28.07.2022
- News
from cyber security.
- Cybersecurity
news of the week (28.07.2022). (to
the original material)
- CISA Releases
Log4Shell-Related MAR (Malware Analysis
Report). (to
the original material)
- Kubernetes
security: Shift-left strategies and simplifying
management. (to
the original material)
- The future of
attack surface management (ASM). (to
the original material)
- Only 25% of
organizations consider their biggest threat to be
from inside the business. (to
the original material)
- 84% of
organizations experienced an identity-related breach
in the past 18 months. (to
the original material)
- 1 in 3 employees
don’t understand why cybersecurity is important. (to
the original material)
- Ransom payments
fall as fewer victims choose to pay hackers. (to
the original material)
- Microsoft SQL
servers hacked to steal bandwidth for proxy
services. (to
the original material)
- LibreOffice
addresses security issues with macros, passwords. (to
the original material)
- Cyberspies use
Google Chrome extension to steal emails undetected.
(to
the original material)
- Akamai blocked
largest DDoS in Europe against one of its customers.
(to
the original material)
- Malicious npm
packages steal Discord users’ payment card info. (to
the original material)
- As Microsoft
blocks Office macros, hackers find new attack
vectors. (to
the original material)
-
Phishing-as-a-Service Platform Offers Cut-Rate
Prices. (to
the original material)
- Microsoft
Denounces Advanced Spyware in Bid to Defuse It. (to
the original material)
- The Growing Cost
of Data Breaches, Especially in Healthcare. (to
the original material)
- Analysis: How
Uber Covered Up a Breach and Avoided Charges. (to
the original material)
27.07.2022
- News
from cyber security.
- Samba Releases
Security Updates. (to
the original material)
- Telecom &
Trust Services Incidents in 2021: Over-The-Top (OTT)
Challenges Emerging. (to
the original material)
- The global
average cost of a data breach reaches an all-time
high of $4.35 million. (to
th original material)
- Israel’s new
cyber-kinetic lab will boost the resilience of
critical infrastructure. (to
the original material)
- Organizations are
struggling with SaaS security. Why? (to
the original material)
- How SMBs are
evolving their cybersecurity operations practices. (to
the original material)
- Cybercrime goods
and services are cheap and plentiful. (to
the original material)
- Find out why
developers love Pentest as a Service (PtaaS
- Pentest-as-a-Service). (to
the original material)
- The strange
similarities between Lockbit 3.0 and Blackmatter
ransomware. (to
the original material)
- Fedora ditches
'No Rights Reserved' software over patent concerns.
(to
the original material)
- What Talos
Incident Response learned from a recent Qakbot
attack hijacking old email threads. (to
the original material)
- Kansas MSP shuts
down cloud services to fend off cyberattack. (to
the original material)
- New ‘Robin Banks’
phishing service targets BofA, Citi, and Wells
Fargo. (to
the original material)
- Spain arrests
suspected hackers who sabotaged radiation alert
system. (to
the original material)
- Microsoft:
Windows, Adobe zero-days used to deploy Subzero
malware. (to
the original material)
- GitHub introduces
2FA and quality of life improvements for npm. (to
the original material)
- DDoS Attack
Trends in 2022: Ultrashort, Powerful, Multivector
Attacks. (to
the original material)
- Tech Alone Won't
Defeat Advanced Spyware, US Congress Told. (to
the original material)
- Human to Merge
with PerimeterX to Thwart Bot Attacks, Fraud. (to
the original material)
- iPad Theft Is
Reminder That Devices Still Cause PHI Breaches. (to
the original material)
- Feds Double
Reward for Tips on North Korean-Backed Actors. (to
the original material)
26.07.2022
- News
from cyber security.
- Vulnerability
Summary for the Week of July 18, 2022. (to
the original material)
- Targeted campaign
uses infostealer to hijack Facebook Business
accounts. (to
the original material)
- The infosec
investment landscape: Which tech gets the most
bucks? (to
the original material)
- Major shifts and
the growing risk of identity fraud. (to
the original material)
- Benefits of
modern PAM (Privileged Access Management):
Efficiency, security, compliance. (to
the original material)
- Product showcase:
The Cynomi Virtual CISO (vCISO) platform. (to
the original material)
- Infosec pros want
more industry cooperation and support for open
standards. (to
the original material)
- Hackers scan for
vulnerabilities within 15 minutes of disclosure. (to
the original material)
- Microsoft: IIS
extensions increasingly used as Exchange backdoors.
(to
the original material)
- New Android
malware apps installed 10 million times from Google
Play. (to
the original material)
- Hackers steal $6
million from blockchain music platform Audius. (to
the original material)
- U.S. doubles
reward for tips on North Korean-backed hackers. (to
the original material)
- No More Ransom
helps millions of ransomware victims in 6 years. (to
the original material)
- LockBit claims
ransomware attack on Italian tax agency. (to
the original material)
- LinkedIn phishing
target employees managing Facebook Ad Accounts. (to
the original material)
- Financial tech
continues to capture VC (Venture Capitalist)
support, despite declining investments. (to
the original material)
- Ducktail criminal
group targets Facebook Business with malware to take
over accounts. (to
the original material)
- U.S. increased
rewards for info on North Korea-linked threat actors
to $10 million. (to
the original material)
- Threat actors
leverages DLL-SideLoading to spread Qakbot malware.
(to
the original material)
- Zero Day attacks
target online stores using PrestaShop. (to
the original material)
- CosmicStrand, a
new sophisticated UEFI firmware rootkit linked to
China. (to
the original material)
- Quarterly Report:
Incident Response Trends in Q2 2022. (to
the original material)
- Cyber Incident
Cost $100 Million, Tenet Healthcare Reports. (to
the original material)
- Kaspersky
Researchers Dissect Bootup Rootkit. (to
the original material)
- Titanium
Blockchain CEO Convicted of $21 Million Fraud. (to
the original material)
- The Decade in
Vulnerabilities and Why They Persist. (to
the original material)
25.07.2022
- News
from cyber security.
- Why firms need to
harness identity management before it spirals into
an identity crisis. (to
the original material)
- Monitoring the
impact of security solutions on user experiences is
critical. (to
the original material)
- Trust in fintech
security has been wavering. (to
the original material)
- CosmicStrand UEFI
malware found in Gigabyte, ASUS motherboards. (to
the original material)
- Source code for
Rust-based info-stealer released on hacker forums. (to
the original material)
- Hackers exploited
PrestaShop zero-day to breach online stores. (to
the original material)
- Patients want
greater control over health data sharing, AMA survey
shows. (to
the original material)
- HHS alerts to
ongoing healthcare web app attacks, urges review of
tactics. (to
the original material)
- Microsoft again
reverses course, will block macros by default. (to
the original material)
- Flaws in FileWave
MDM could have allowed hacking +1000 organizations.
(to
the original material)
- Lockbit
ransomware gang claims to have breached the Italian
Revenue Agency. (to
the original material)
- Amadey malware
spreads via software cracks laced with SmokeLoader.
(to
the original material)
- Drupal developers
fixed a code execution flaw in the popular CMS. (to
the original material)
- Thief Steals $6M
Tokens From Audius, Sells Them for $1M. (to
the original material)
- NIST Maps
Cybersecurity Framework to HIPAA Security Rule. (to
the original material)
- Early-Stage
Startups Pump Brakes on Growth as Downturn Looms. (to
the original material)
24.07.2022
- News
from cyber security.
- Is APT28 behind
the STIFF#BIZON attacks attributed to North
Korea-linked APT37? (to
the original material)
- Security Affairs
newsletter Round 375 by Pierluigi Paganini. (to
the original material)
- A database
containing data of 5.4 million Twitter accounts
available for sale. (to
the original material)
- Week in review:
The future of Metasploit, detecting lateral
movement, new issue of (IN)SECURE Magazine. (to
the original material)
- Amadey malware
pushed via software cracks in SmokeLoader campaign.
(to
the original material)
- QBot phishing
uses Windows Calculator sideloading to infect
devices. (to
the original material)
- Americans Deserve
More Than The Current American Data Privacy
Protection Act. (to
the original material)
23.07.2022
- News
from cyber security.
- FBI seized
$500,000 worth of bitcoin obtained from Maui
ransomware attacks. (to
the original material)
- SonicWall fixed
critical SQLi in Analytics and GMS products. (to
the original material)
- MedusaLocker
Server Likely Spotted In The Wild. (to
the original material)
- $350 Million
Settlement of T-Mobile Breach Lawsuits Proposed. (to
the original material)
- North Korean
hackers attack EU targets with Konni RAT malware. (to
the original material)
- Chrome use
subject to restrictions in Dutch schools over data
security concerns. (to
the original material)
22.07.2022
- News
from cyber security.
- Apple Releases
Security Updates for Multiple Products. (to
the original material)
- Cisco Releases
Security Updates for Multiple Products. (to
the original material)
- Atlassian
Releases Security Advisory for Questions for
Confluence App, CVE-2022-26138. (to
the original material)
- FBI Claws Back
Cryptocurrency Ransoms Paid to North Koreans. (to
the original material)
- USA’s plan to
build its cyber workforce, improve skills-based
pathways to cyber jobs. (to
the original material)
- New infosec
products of the week: July 22, 2022. (to
the original material)
- How kitemarks are
kicking off IoT regulation. (to
the original material)
- Detectree:
Open-source tool simplifies data analysis for blue
teams, reduces alert fatigue. (to
the original material)
- Visibility into
runtime threats against mobile apps and APIs still
lacking. (to
the original material)
- Atlassian:
Confluence hardcoded password was leaked, patch now!
(to
the original material)
- Hackers breach
Ukrainian radio network to spread fake news about
Zelenskiy. (to
the original material)
- Account lockout
policy in Windows 11 is enabled by default to block
brute force attacks. (to
the original material)
- Hackers breached
Ukrainian radio station to spread fake news about
Zelensky‘s health. (to
the original material)
- Candiru
surveillance spyware DevilsTongue exploited Chrome
Zero-Day to target journalists. (to
the original material)
- TA4563 group
leverages EvilNum malware to target European
financial and investment entities. (to
the original material)
- Feds Warn
Healthcare Sector of Web Application Attacks. (to
the original material)
- Cryptocurrency
Insider Trading, Fraud in DOJ Crosshairs. (to
the original material)
- The Week in
Ransomware - July 22nd 2022 - Attacks abound. (to
the original material)
- Hacker selling
Twitter account data of 5.4 million users for $30k.
(to
the original material)
- Digital security
giant Entrust breached by ransomware gang. (to
the original material)
- SonicWall: Patch
critical SQL injection bug immediately. (to
the original material)
- Major tech
groups, nonprofits iced out of UN working group on
cybersecurity norms. (to
the original material)
- Tenet Health
cyberattack, monthlong outage led to $100M in
‘unfavorable impact’. (to
the original material)
- Police Are Still
Abusing Investigative Exemptions to Shield
Surveillance Tech, While Others Move Towards
Transparency. (to
the original material)
- Threat Roundup
for July 15 to July 22. (to
the original material)
21.07.2022
- News
from cyber security.
- Cybersecurity
news of the week (21.07.2022). (to
the original material)
- Google Releases
Security Updates for Chrome. (to
the original material)
- Drupal Releases
Security Update. (to
the original material)
- CNMF (Cyber
Command’s Cyber National Mission Force) Discloses
Malware in Ukraine. (to
the original material)
- Microsoft adds
default protection against RDP brute-force attacks.
(to
the original material)
- The rise and
continuing popularity of LinkedIn-themed phishing. (to
the original material)
- Atlassian fixes
critical flaws in Confluence, Jira, Bitbucket and
other products, update quickly! (to
the original material)
- CloudMensis
backdoor spies on users of compromised Macs. (to
the original material)
- The importance of
secure passwords can’t be emphasized enough. (to
the original material)
- 60% of IT leaders
are not confident about their secure cloud access. (to
the original material)
- Settlements
Reached In 2 Large Healthcare Hack Lawsuits. (to
the original material)
- Premint Fingers
Open Source Flaw For NFT Hack. (to
the original material)
- US Cyber Command
Reveals Malware Indicators Targeting Ukraine. (to
the original material)
- Atlassian Fixes
Critical Hard-Coded Credential Bug. (to
the original material)
- Getting to Zero
Trust Requires Good Cybersecurity Baselines. (to
the original material)
- Cyber Resilience
Requires Complete Visibility. (to
the original material)
- Best Protection
Against Ransomware: A Good Backup Policy. (to
the original material)
- The Crucial
Ingredients of a Good Cyber Resilience Program. (to
the original material)
- Whatever Happened
to Russia's Cyber War Against Ukraine? (to
the original material)
- Ex-Coinbase
manager charged in first crypto insider-trading
case. (to
the original material)
- Chrome zero-day
used to infect journalists with Candiru spyware. (to
the original material)
- Google blocks
site of largest computing society for being
‘harmful’. (to
the original material)
- How Conti
ransomware hacked and encrypted the Costa Rican
government. (to
the original material)
- Windows 11 now
blocks RDP brute-force attacks by default. (to
the original material)
- New ‘Lightning
Framework’ Linux malware installs rootkits,
backdoors. (to
the original material)
- Microsoft starts
blocking Office macros by default, once again. (to
the original material)
- New Redeemer
ransomware version promoted on hacker forums. (to
the original material)
- Threat actors
target software firm in Ukraine using GoMet
backdoor. (to
the original material)
- Lightning
Framework, a previously undetected malware that
targets Linux systems. (to
the original material)
- Atlassian patched
a critical Confluence vulnerability. (to
the original material)
- Apple fixes
multiple flaws in iOS, iPadOS, macOS, tvOS, and
watchOS devices. (to
the original material)
- 8220 Gang Cloud
Botnet infected 30,000 host globally. (to
the original material)
- Health-ISAC gains
Google Cloud as ambassador, aims to bolster
healthcare resiliency. (to
the original material)
- New guidance by
cloud group, federal agency target HIPAA compliance
and vendor risk. (to
the original material)
- National data
privacy law draws mixed reaction from civil
liberties, industry groups. (to
the original material)
- Scanning for
red-team tools reveals likely campaign tied to
MedusaLocker ransomware. (to
the original material)
- New Amendments to
Intermediary Rules threaten Free Speech in India. (to
the original material)
- Threat Source
newsletter (July 21, 2022) - No topic is safe from
being targeted by fake news and disinformation. (to
the original material)
- Attackers target
Ukraine using GoMet backdoor. (to
the original material)
20.07.2022
- News
from cyber security.
- Oracle Releases
July 2022 Critical Patch Update. (to
the original material)
- How Zero Trust
Can Simplify Your Security Infrastructure. (to
the original material)
- Major Takeaways:
Cyber Operations During Russia-Ukraine War. (to
the original material)
- Vulnerabilities
in popular GPS tracker could allow hackers to
remotely stop cars. (to
the original material)
- Popular business
web apps fail to implement critical password
requirements. (to
the original material)
- What threats and
challenges are CISOs (Chief Information Security
Officer) and CROs (Chief Risk Officer)
most focused on? (to
the original material)
- Neopets data
breach exposes personal data of 69 million members.
(to
the original material)
- Google boosts
Android privacy with support for DNS-over-HTTP/3. (to
the original material)
- Atlassian fixes
critical Confluence hardcoded credentials flaw. (to
the original material)
- Convincing
‘YouTube’ Google ads lead to Windows support scams.
(to
the original material)
- Cisco fixes bug
that lets attackers execute commands as root. (to
the original material)
- Google Calendar
provides new way to block invitation phishing. (to
the original material)
- LinkedIn remains
the most impersonated brand in phishing attacks. (to
the original material)
- FBI recovers
$500,000 healthcare orgs paid to Maui ransomware. (to
the original material)
- New Luna
ransomware encrypts Windows, Linux, and ESXi
systems. (to
the original material)
- State Elections
Official Touts Bug Bounties for Voting Systems. (to
the original material)
- Latest HHS HIPAA
Actions Spotlight 'Right of Access' - Again. (to
the original material)
- Compromised
Credentials Persist as Data Breaches' Root Cause. (to
the original material)
- Romanian Who
Allegedly Sold Malware Hosting Extradited to US. (to
the original material)
- New Luna
ransomware targets Windows, Linux and ESXi systems.
(to
the original material)
- Million of
vehicles can be attacked via MiCODUS MV720 GPS
Trackers. (to
the original material)
- EU warns of risks
of spillover effects associated with the ongoing war
in Ukraine. (to
the original material)
- Belgium claims
China-linked APT groups hit its ministries. (to
the original material)
- Online skimming
hammers restaurant payment platforms as attacker
base widens. (to
the original material)
- Challenges of
cyber workforce optimization. (to
the original material)
- The case for
cyber workforce optimization. (to
the original material)
- Authentication
weakness responsible for 80% of financial breaches,
(to
the original material)
- Feds disrupt
North Korean ransomware operations, return $500K to
healthcare victims. (to
the original material)
- Blocking
Microsoft Office macros for security could make more
work for financial firms. (to
the original material)
- EFF Poker
Tournament at DEF CON 30. (to
the original material)
- Nigerian Twitter
Ban Declared Unlawful by Court. (to
the original material)
- Self-Proclaimed
Free Speech Platforms Are Censoring Nude Content.
Here’s Why You Should Care. (to
the original material)
19.07.2022
- News
from cyber security.
- Belgian
government calls on Chinese authorities to take
action against malicious cyber activities by Chinese
APTs. (to
the original material)
- CISA released
Security Advisory on MiCODUS MV720 Global
Positioning System (GPS) Tracker. (to
the original material)
- Cybersecurity
Policy Challenges on the Agenda of the European
Parliament Delegation Visit to ENISA. (to
the original material)
- Vulnerability
Summary for the Week of July 11, 2022. (to
the original material)
- ePlus Acquires
Future Com to Strengthen Security Operations. (to
the original material)
- DOJ Seizes
$500,000 From North Korean Attacks on Healthcare. (to
the original material)
- Online Travel
Booking Website Probes 'Security Anomaly'. (to
the original material)
- US CISA to Set Up
Attache Office in London. (to
the original material)
- Separating the
Quantum Hype From the Reality. (to
the original material)
- GPS Tracker Made
in China Conduit for Vehicle Hacking. (to
the original material)
- Removing the
blind spots that allow lateral movement. (to
the original material)
- 82% of global
insurers expect the rise in cyber insurance premiums
to continue. (to
the original material)
- Hacking group
'8220' grows cloud botnet to more than 30,000 hosts.
(to
the original material)
- Building
materials giant Knauf hit by Black Basta ransomware
gang. (to
the original material)
- UK heat wave
causes Google and Oracle cloud outages. (to
the original material)
- EU warns of
Russian cyberattack spillover, escalation risks. (to
the original material)
- Malicious Android
apps with 300K installs found on Google Play. (to
the original material)
- Russian hackers
use fake DDoS app to infect pro-Ukrainian activists.
(to
the original material)
- Popular vehicle
GPS tracker gives hackers admin privileges over SMS.
(to
the original material)
- Belgium says
Chinese hackers attacked its Ministry of Defense. (to
the original material)
- Hackers steal
50,000 credit cards from 300 U.S. restaurants. (to
the original material)
- Air-gapped
systems leak data via SATA cable WiFi antennas. (to
the original material)
- Russian SVR
hackers use Google Drive, Dropbox to evade
detection. (to
the original material)
- New CloudMensis
malware backdoors Macs to steal victims’ data. (to
the original material)
- CloudMensis
spyware went undetected for many years. (to
the original material)
- Russia-linked
APT29 relies on Google Drive, Dropbox to evade
detection. (to
the original material)
- Crooks create
rogue cryptocurrency-themed apps to steal crypto
assets from users. (to
the original material)
- Several apps on
the Play Store used to spread Joker, Facestealer and
Coper malware. (to
the original material)
- Google introduces
more efficient, DNS-over-HTTP/3 for Android. (to
the original material)
- BJC Health to
spend $2.7M on email MFA access to settle breach
affecting 288K patients. (to
the original material)
- Vulnerability
Spotlight: Issue in Accusoft ImageGear could lead to
memory corruption, code execution. (to
the original material)
18.07.2022
- News
from cyber security.
- CISA Updates
Advisory on Cyber Actors Continued Exploitation of
Log4Shell in VMware Horizon Systems. (to
the original material)
- Vulnerability
Summary for the Week of July 11, 2022. (to
the original material)
- The first formal
verification of a prototype of Arm CCA firmware. (to
the original material)
- Industrial
cybersecurity leaders are making considerable
headway. (to
the original material)
- Online payment
fraud losses to exceed $343 billion. (to
the original material)
- Graff paid a
$7.5M ransom and sued its insurance firm for
refusing to cover this payment. (to
the original material)
- EFF and Partners
Urge the Indian Government to Keep End-to-End
Encryption Alive. (to
the original material)
- Thales Buys
OneWelcome for $101.6M to Enter CIAM Market. (to
the original material)
- Cyberattack
Affects Albanian Government E-Services: Report. (to
the original material)
- Going Green:
Energy Firms Mustn't Repeat Security Mistakes. (to
the original material)
- Proof of Concept:
A New Era for Digital Identity? (to
the original material)
- The Real-World
Impact of Cyberattacks on Enterprises. (to
the original material)
- Assessing the
Privacy, Security Risks of Digital Health IT. (to
the original material)
- Beware of
password-cracking software for PLCs (Programmable
Logic Controllers) and HMIs (Human-Machine
Interfaces)! (to
the original material)
- (IN)SECURE
Magazine issue 72 released: Free download. (to
the original material)
- Russia fines
Google $358 million for not removing banned info. (to
the original material)
- FBI warns of fake
cryptocurrency apps used to defraud investors. (to
the original material)
- Roaming Mantis
hits Android and iOS users in malware, phishing
attacks. (to
the original material)
- MLNK Builder 4.2
released in Dark Web – malicious shortcut-based
attacks are on the rise. (to
the original material)
- Tor Browser 11.5
is optimized to automatically bypass censorship. (to
the original material)
- A massive
cyberattack hit Albania. (to
the original material)
- Watch out for the
CVE-2022-30136 Windows NFS Remote Code Execution
flaw. (to
the original material)
- Industrial
control system password cracker may be bad,
actually. (to
the original material)
- Infographic:
Automated incident response vs. the conventional
approach. (to
the original material)
- MITRE Engenuity
ATT&CK: What endpoint security vendors learned
after Evals. (to
the original material)
- White House to
hold summit on addressing the thousands of unfilled
cybersecurity jobs. (to
the original material)
- 11 health
providers settle HIPAA right of access failures with
feds. (to
the original material)
17.07.2022
- News
from cyber security.
- Week in review:
Kali Linux gets on Linode, facial recognition
defeated, Log4j exploitation. (to
the original material)
- The Matrix
messaging network now counts more than 60 million
users. (to
the original material)
- Crooks stole
$375k from Premint NFT, it is one of the biggest NFT
hacks ever. (to
the original material)
- Google is going
to remove App Permissions List from the Play Store.
(to
the original material)
- Security Affairs
newsletter Round 374 by Pierluigi Paganini. (to
the original material)
- APT groups target
journalists and media organizations since 2021. (to
the original material)
16.07.2022
- News
from cyber security.
- Hackers pose as
journalists to breach news media org’s networks. (to
the original material)
- Elastix VoIP
systems hacked in massive campaign to install PHP
web shells. (to
the original material)
- Critical flaw in
Netwrix Auditor application allows arbitrary code
execution. (to
the original material)
- CISA urges to fix
multiple critical flaws in Juniper Networks
products. (to
the original material)
- Threat actors
exploit a flaw in Digium Phone Software to target
VoIP servers. (to
the original material)
- BlackCat Adds
Brute Ratel Pentest Tool to Attack Arsenal. (to
the original material)
- New infosec products
of the week: July 15, 2022. (to
the original material)
- How to address the
ongoing risk of Log4j exploitation and prepare for the
future. (to
the original material)
- Outsourcing security
is the only solution for many smaller teams. (to
the original material)
- Q-Day: The problem
with legacy public key encryption. (to
the original material)
- The proliferation of
money mules and how behavioral biometrics can combat
this form of fraud. (to
the original material)
- Tor Browser now
bypasses internet censorship automatically. (to
the original material)
- Attackers scan 1.6
million WordPress sites for vulnerable plugin. (to
the original material)
- Windows Network File
System flaw results in arbitrary code execution as
SYSTEM. (to
the original material)
- Digital burglary at
recruitment agency Morgan Hunt confirmed. (to
the original material)
- Meet Mantis – the
tiny shrimp that launched 3,000 DDoS attacks. (to
the original material)
- Password recovery
tool infects industrial systems with Sality malware. (to
the original material)
- Tainted
password-cracking software for industrial systems used
to spread P2P Sality bot. (to
the original material)
- Experts warn of
attacks on sites using flawed Kaswara Modern WPBakery
Page Builder Addons. (to
the original material)
- Holy Ghost ransomware
operation is linked to North Korea. (to
the original material)
- RedAlert, LILITH, and
0mega, 3 new ransomware in the wild. (to
the original material)
- Ring Reveals They
Give Videos to Police Without User Consent or a Warrant.
(to
the original material)
- H0lyGh0st Ransomware
Linked to North Korean Hackers. (to
the original material)
- Log4j Flaw Is
'Endemic,' Says Cyber Safety Review Board. (to
the original material)
- Synthetic ID Fraud:
Continuous Monitoring Is the Key. (to
the original material)
- EDR, XDR and the Path
to Cyber Readiness. (to
the original material)
- ISMG Editors:
Analyzing the Predatory Sparrow Attack. (to
the original material)
- Too Much Remains
Unknown About Data Breaches. (to
the original material)
- Why SolarWinds just
may be one of the most secure software companies in the
tech universe. (to
the original material)
- Now offering
cryptocurrency, ATMs targeted for crypto-fraud. (to
the original material)
- Oklahoma State
University health center pays $875K penalty for HIPAA
violations. (to
the original material)
- EMEAR Monthly Talos
Update: Training the next generation of cybersecurity
researchers. (to
the original material)
- Threat Source
newsletter (July 14, 2022) - Are virtual IDs worth the
security risk of saving a few seconds in the TSA line? (to
the original material)
14.07.2022
- News
from cyber security.
- Cybersecurity News
of the Week (14.07.2022). (to
the original material)
- Juniper Networks
releases security updates for multiple products. (to
the original material)
- PayPal-themed
phishing kit allows complete identity theft. (to
the original material)
- The future of SOCs
(Security Operations Center): Automation where it
matters. (to
the original material)
- How attackers abuse
Quickbooks to send phone scam emails. (to
the original material)
- Businesses are
adding more endpoints, but can’t manage them all. (to
the original material)
- Conventional
cybersecurity approaches are falling short. (to
the original material)
- Microsoft links
Holy Ghost ransomware operation to North Korean
hackers. (to
the original material)
- PayPal phishing kit
added to hacked WordPress sites for full ID theft. (to
the original material)
- Mantis botnet
behind the record-breaking DDoS attack in June. (to
the original material)
- New Retbleed
speculative execution CPU attack bypasses Retpoline
fixes. (to
the original material)
- Mantis botnet
powered the largest HTTPS DDoS attack in June. (to
the original material)
- The new Retbleed
speculative execution attack impacts both Intel and
AMD chips. (to
the original material)
- Former CIA employee
Joshua Schulte was convicted of Vault 7 massive leak.
(to
the original material)
- Microsoft published
exploit code for a macOS App sandbox escape flaw. (to
the original material)
- VMware fixed a flaw
in vCenter Server discovered eight months ago. (to
the original material)
- EFF and ACLU File
Amicus Brief Objecting to Warrantless, Suspicionless
Electronic Device Searches at the Border. (to
the original material)
- CyberArk Execs: 9
Bets on What's Next in Identity Security. (to
the original material)
- At Half-Year Mark,
Ransomware, Vendor Breaches Dominate. (to
the original material)
- Microsoft Says
Phishing Campaign Skirted MFA to Access Email. (to
the original material)
- Ex-CIA Employee
Convicted in Theft of Covert Hacking Info. (to
the original material)
- Deakin Uni Students
Suffer Smishing Attack, Data Breach. (to
the original material)
- Crime Watch: Why
Are Ransomware Attacks Intensifying? (to
the original material)
- The Nature of
Application Code. (to
the original material)
- How to deploy a
cloud-native app protection platform. (to
the original material)
- Tenet Health sued
after affiliate hack, health data theft impacting
1.2M. (to
the original material)
- Journalists
increasingly targeted with phishing attacks, while
news media also used as lures. (to
the original material)
- Vulnerability
Spotlight: Use-after-free condition in Google Chrome
WebGPU. (to
the original material)
13.07.2022
- News
from cyber security.
- Who are the best
fraud fighters? (to
the original material)
- The weaponizing of
smartphone location data on the battlefield. (to
the original material)
- The enemy of
vulnerability management? Unrealistic expectations. (to
the original material)
- Best practices for
cyber resilience. (to
the original material)
- Nine ways for
securely integrating a CMS and ecommerce platform. (to
the original material)
- New Lilith
ransomware emerges with extortion site, lists first
victim. (to
the original material)
- Bandai Namco
confirms hack after ALPHV ransomware data leak threat.
(to
the original material)
- Microsoft releases
PoC exploit for macOS sandbox escape vulnerability. (to
the original material)
- New UEFI firmware
flaws impact over 70 Lenovo laptop models. (to
the original material)
- New Android malware
on Google Play installed 3 million times. (to
the original material)
- $8 million stolen
in large-scale Uniswap airdrop phishing attack. (to
the original material)
- Qakbot operations
continue to evolve to avoid detection. (to
the original material)
- Impact Litigation
in Action: Building the Caselaw Behind a Win for Free
Speech. (to
the original material)
- The Department of
Defense Should Disclose When it Purchases User Data. (to
the original material)
- July Patch Tuesday
Fixes 1 Zero-Day, 84 Flaws. (to
the original material)
- Search Here:
Ransomware Groups Refine High-Pressure Tactics. (to
the original material)
- $8M of Crypto
Stolen by Phishing From Uniswap Liquidity Pool. (to
the original material)
- Russia's
Cyberattack Strategy: Precision, Not Spillover. (to
the original material)
- The Ransomware
Files, Episode 9: Dr. Ransomware, Part 1. (to
the original material)
- Big Health Data:
Top Privacy, Security Considerations. (to
the original material)
- House wants
Congress in the loop for government’s post-quantum
transition. (to
the original material)
- ‘Bring your own
identity,’ and the need for robust identity proofing.
(to
the original material)
- Is cannabis
business banking a new financial opportunity or a huge
security risk? (to
the original material)
- Zero-trust access
resonates in the financial industry, where risk is
everything. (to
the original material)
- Transparent Tribe
begins targeting education sector in latest campaign.
(to
the original material)
- Vulnerability
Spotlight: Adobe Acrobat DC use-after-free issues
could lead to arbitrary code execution. (to
the original material)
12.07.2022
- News
from cyber security.
- Adobe releases
security updates for multiple products. (to
the original material)
- Microsoft releases
July 2022 Security Updates. (to
the original material)
- SAP releases July
2022 Security Updates. (to
the original material)
- Citrix releases
security updates for Hypervisor. (to
the original material)
- CISA adds one known
exploited vulnerability to Catalog . (to
the original material)
- Vulnerability
summary for the Week of July 4, 2022. (to
the original material)
- Congress probes how
location data brokers threaten reproductive privacy. (to
the original material)
- Victory! Another
Court protects the right to record police. (to
the original material)
- Microsoft fixes
exploited zero-day in Windows CSRSS (CVE-2022-22047).
(to
the original material)
- Researchers defeat
facial recognition systems with universal face mask. (to
the original material)
- Product showcase:
ImmuniWeb Neuron, DAST with a zero false positives
SLA. (to
the original material)
- Are your site’s
tracking technologies breaking the law? (to
the original material)
- A look at the bring
your own browser (BYOB - Bring Your Own
Browser) approach. (to
the original material)
- VMware patches
vCenter Server flaw disclosed in November. (to
the original material)
- Microsoft fixes
dozens of Azure Site Recovery privilege escalation
bugs. (to
the original material)
- CISA orders
agencies to patch new Windows zero-day used in
attacks. (to
the original material)
- Hackers impersonate
cybersecurity firms in callback phishing attacks. (to
the original material)
- Hackers stole $620
million from Axie Infinity via fake job interviews. (to
the original material)
- Microsoft July 2022
Patch Tuesday fixes exploited zero-day, 84 flaws. (to
the original material)
- Microsoft: Phishing
bypassed MFA in attacks against 10,000 orgs. (to
the original material)
- New ‘Luna Moth’
hackers breach orgs via fake subscription renewals. (to
the original material)
- FTC puts data
collectors and brokers on notice in light of abortion
bans. (to
the original material)
- DDoS attacks surge
in popularity in Ukraine - but are they more than a
cheap thrill? (to
the original material)
- Rocket maker agrees
to pay $9 million to settle allegations of
cybersecurity violations. (to
the original material)
- AWS patches 'one
bug, three vulnerabilities' authentication error. (to
the original material)
- UK watchdog seeks
review into gov use of WhatsApp. (to
the original material)
- Ukraine’s cyber
agency tracks ‘significant increase’ in
malware-directed attacks. (to
the original material)
- FTC official vows
to ‘crack down’ on companies misusing consumer health
data. (to
the original material)
- Palo Alto, HCL
expands partnership to secure customers’ digital and
cloud transformation. (to
the original material)
- Nearly all
organizations reported having a failed IIoT/OT
security project. (to
the original material)
- Cloud-native app
protection platforms: what they are and what they
bring to the table. (to
the original material)
- Using shields up to
secure credentials and mitigate vulnerabilities. (to
the original material)
- Security success
means not solving every problem. (to
the original material)
- When it comes to
fraud, it takes a network to defeat a network. (to
the original material)
- Lithuanian Energy
Firm Experiences DDoS. (to
the original material)
- Fake Google Update
Delivering HavanaCrypt Ransomware. (to
the original material)
- India Calls for
Stricter Actions Against Cybercriminals. (to
the original material)
- Predatory Sparrow's
Hacks: There's Smoke, There's Fire. (to
the original material)
11.07.2022
- News
from cyber security.
- Linode + Kali
Linux: Added security for cloud instances. (to
the original material)
- BlackCat (aka
ALPHV) ransomware is increasing stakes up to $2.5
million in demands. (to
the original material)
- Dealing with
threats and preventing sensitive data loss. (to
the original material)
- The impact of DNS
attacks on global organizations. (to
the original material)
- 7 steps to switch
your organization to a zero trust architecture. (to
the original material)
- Nearly all
governmental websites serve cookies or third-party
trackers. (to
the original material)
- State by State,
We’re Making Progress Against Anti-Speech Lawsuits. (to
the original material)
- Hackers can unlock
Honda cars remotely in Rolling-PWN attacks. (to
the original material)
- Ransomware gang now
lets you search their stolen data. (to
the original material)
- Microsoft says
decision to unblock Office macros is temporary. (to
the original material)
- How to auto block
macros in Microsoft Office docs from the internet. (to
the original material)
- Australia's major
banks look to dynamic CVV to combat payment fraud. (to
the original material)
- Florida man accused
of selling counterfeit Cisco gear. (to
the original material)
- Settlement shows
False Claims Act is no silver bullet for cybersecurity
compliance. (to
the original material)
- Biden orders health
privacy actions as senators seek stronger HIPAA
protections after Roe overturned. (to
the original material)
- Security
researchers warn of impersonation attacks ahead of
Amazon Prime Day. (to
the original material)
- Paladin Cloud’s
open source security-as-code platform available to the
public. (to
the original material)
- Why expired digital
certificates have become a bigger threat. (to
the original material)
- Recorded Future
Buys Hatching for More Malware Visibility. (to
the original material)
- Puerto Rico Commits
$7.6M to Boost Cybersecurity. (to
the original material)
- Aerojet Rocketdyne
Pays $9M to Settle Cybersecurity Lawsuit. (to
the original material)
- How
Double-Extortion Attacks Vary By Victims' Sector. (to
the original material)
- Don't Pay Ransoms,
UK Government and Privacy Watchdog Urge. (to
the original material)
10.07.2022
- News
from cyber security.
- Week in review:
Quantum-resistant encryption, attackers using
deepfakes, Patch Tuesday forecast. (to
the original material)
- Maastricht
University wound up earning money from its ransom
payment. (to
the original material)
- HHS agrees to
improve feedback process for healthcare data breach
reporting. (to
the original material)
09.07.2022
- News
from cyber security.
- Microsoft performs
an about-face on Office macro security policy - albeit
a temporary one. (to
the original material)
- PyPI mandates 2FA
for critical projects, developer pushes back. (to
the original material)
- Mangatoon data
breach exposes data from 23 million accounts. (to
the original material)
- Crema Finance
Issues Recovery Plans After $8.8M Crypto Hack. (to
the original material)
- CEO Charged for
Selling Fake Cisco Networking Equipment. (to
the original material)
08.07.2022
- News
from cyber security.
- Threat Roundup for
July 1 to July 8. (to
the original material)
- A third of
mid-sized organizations don't have a cyber-incident
response plan. (to
the original material)
- Checkmate
ransomware hits QNAP NAS devices. (to
the original material)
- New infosec
products of the week: July 8, 2022. (to
the original material)
- Simplifying legal
entity identification in the digital age. (to
the original material)
- July 2022 Patch
Tuesday forecast: A summertime lull? (to
the original material)
- Why 80% of
companies are looking to switch their managed service
provider. (to
the original material)
- 54% of SMBs do not
implement MFA. (to
the original material)
- The Week in
Ransomware - July 8th 2022 - One down, many to go. (to
the original material)
- New 0mega
ransomware targets businesses in double-extortion
attacks. (to
the original material)
- Free decryptor
released for AstraLocker, Yashma ransomware victims. (to
the original material)
- San Francisco
coalition fights SFPD’s proposal to co-opt private
surveillance cameras. (to
the original material)
- EFF and partners
call on Indonesia to repeal invasive content
moderation. (to
the original material)
- Internet Archive
seeks summary judgment in federal lawsuit filed by
publishing companies. (to
the original material)
- Google to delete
sensitive medical locations from user history after
Roe struck down. (to
the original material)
- Biden Order Seeks
to Protect Reproductive Data Privacy. (to
the original material)
- Ransomware Locks
Indian Flood Monitors During Monsoon Season. (to
the original material)
- Customer.io Email
Data Breach Larger Than Just OpenSea. (to
the original material)
- ISMG Editors:
What's the Status of the SBOM? (to
the original material)
- How the Threat
Landscape Is Evolving. (to
the original material)
- Russia, Ukraine and
the Future Cybercrime Landscape. (to
the original material)
- Zero Trust: The
Nitty-Gritty Details. (to
the original material)
- Leveraging
Interindustry Data to Discover Mule Accounts. (to
the original material)
07.07.2022
- News
from cyber security.
- Cybersecurity News
of the Week (07.07.2022). (to
the original material)
- Cisco releases
security updates for multiple products. (to
the original material)
- Threat Source
newsletter (July 7, 2022) - Teamwork makes the dream
work. (to
the original material)
- Breach report:
Understand and minimize reputational cost. (to
the original material)
- SiteCheck Malware
Trends Report – Q2 2022. (to
the original material)
- Ransomware and the
places that worry about it most. (to
the original material)
- Threat actors
exchange beacons for badgers to evade endpoint
security. (to
the original material)
- Apple previews
Lockdown Mode to protect users from targeted spyware.
(to
the original material)
- Healthcare
organizations targeted with Maui ransomware. (to
the original material)
- Imagination is key
to effective data loss prevention. (to
the original material)
- Cyberattacks
against law enforcement are on the rise. (to
the original material)
- Microsoft rolls
back decision to block Office macros by default. (to
the original material)
- Fake copyright
complaints push IcedID malware using Yandex Forms. (to
the original material)
- New stealthy OrBit
malware steals data from Linux devices. (to
the original material)
- Quantum ransomware
attack affects 657 healthcare orgs. (to
the original material)
- QNAP warns of new
Checkmate ransomware targeting NAS devices. (to
the original material)
- Online programming
IDEs can be used to launch remote cyberattacks. (to
the original material)
- Post-quantum
cryptography algorithms named. (to
the original material)
- Cisco collaboration
software vulnerabilities fixed. (to
the original material)
- Apple introduces
Lockdown Mode as it battles spyware firms. (to
the original material)
- US finance sector
encouraged to stay vigilant against retaliatory
Russian cyberattacks. (to
the original material)
- SHI Malware Attack
Knocks Website, Email Offline for Days. (to
the original material)
- Taking Actions to
Enhance Sensitive Health Data Privacy. (to
the original material)
- Apple Lockdown Mode
Aims to Prevent State-Sponsored Spyware. (to
the original material)
- Security Awareness
and Behavioral Change: What's Realistic? (to
the original material)
- FBI and MI5 Chiefs
Issue Warning on China IP Theft. (to
the original material)
- How McDonald’s
Keeps Security Awareness Fresh and Relevant. (to
the original material)
- How to Stop Data
from Leaving with Employees. (to
the original material)
- Safety in the
Cloud. (to
the original material)
- How to Respond to
the New 'Fraud Universe'. (to
the original material)
- Top 5 Tips for
Defending Your Endpoints. (to
the original material)
06.07.2022
- News
from cyber security.
- How to map the
Cybersecurity Threat Landscape? Follow the ENISA
6-step Methodology. (to
the original material)
- OpenSSL releases
security update. (to
the original material)
- North Korean
state-sponsored cyber actors use Maui ransomware to
target the healthcare and public health sector. (to
the original material)
- NIST selects 4
quantum-resistant encryption algorithms. (to
the original material)
- The connected
nature of smart factories is exponentially increasing
the risk of cyber attacks. (to
the original material)
- Why your API
gateway is not enough for API security? (to
the original material)
- How a cyber asset
management strategy can help enterprises detect
threats. (to
the original material)
- Encryption is high
up on corporate priority lists. (to
the original material)
- New Hive ransomware
variant is written in Rust and use improved encryption
method. (to
the original material)
- Malicious NPM
packages used to grab data from apps, websites. (to
the original material)
- The core principles
of Zero Trust – NIST. (to
the original material)
- The tech devices we
worry about the most. (to
the original material)
- IT services giant
SHI hit by "professional malware attack". (to
the original material)
- Security advisory
accidentally exposes vulnerable systems. (to
the original material)
- Apple’s new
Lockdown Mode defends against government spyware. (to
the original material)
- Ransomware, hacking
groups move from Cobalt Strike to Brute Ratel. (to
the original material)
- Marriott confirms
another data breach after hotel got hacked. (to
the original material)
- US govt warns of
Maui ransomware attacks against healthcare orgs. (to
the original material)
- For the love of the
wild web. (to
the original material)
- ASD creates CISO
role in REDSPICE hiring blitz. (to
the original material)
- Threat actors abuse
penetration testing tool for attacks. (to
the original material)
- OpenSSL fixes
remote code execution bug. (to
the original material)
- A guide to House
cyber amendments in the NDAA. (to
the original material)
- QuickBooks
accounting software targeted for sophisticated
phishing attacks. (to
the original material)
- Apple announces
‘lockdown’ security feature to counter NSO-type
spyware. (to
the original material)
- Accounts receivable
provider discloses network breach to potentially
affected customers. (to
the original material)
- Pentagon Looking
for a Few Good Hackers. (to
the original material)
- Feds Warn
Healthcare Sector of 'Maui' Ransomware Threats. (to
the original material)
- Marriott Confirms
Data Breach, Says Core Network Unaffected. (to
the original material)
- Bridging the Gaps
of Cybersecurity: How High-Fidelity Threat
Intelligence can Help Agencies Prioritize and Combat
Phishing. (to
the original material)
- The Death of
Network Hardware Appliances - and the Evolution of
Cloud-Native Architectures. (to
the original material)
05.07.2022
- News
from cyber security.
- Press release:
Launch of the study "Strategic resilience of the
European Union, including in the technological and
digital fields: future scenarios and contributions of
Romania". (to
the original material)
- Google releases
security update for Chrome. (to
the original material)
- Prepare for a new
cryptographic standard to protect against future
quantum-based threats. (to
the original material)
- Attackers are using
deepfakes to snag remote IT jobs. (to
the original material)
- PCI DSS 4.0
released, addresses emerging threats and technologies.
(to
the original material)
- Applying Shift Left
principles to third party risk management. (to
the original material)
- People are the
primary attack vector around the world. (to
the original material)
- Cybersecurity is
driving digital transformation in alternative
investment institutions. (to
the original material)
- New RedAlert
Ransomware targets Windows, Linux VMware ESXi servers.
(to
the original material)
- NPM supply-chain
attack impacts hundreds of websites and apps. (to
the original material)
- Microsoft quietly
fixes ShadowCoerce Windows NTLM Relay bug. (to
the original material)
- API security grows
more critical, even as organizations lack means to
address the risk. (to
the original material)
- NIST unveils four
algorithms that will underpin new ‘quantum-proof’
cryptography standards. (to
the original material)
- University recovers
2019 ransom to find value of cryptocurrency
skyrocketed. (to
the original material)
- What is DAST, and
how it can improve web application security. (to
the original material)
- What Log4Shell
taught us about application security, and how to
respond now. (to
the original material)
- Defense Department
testing paid bug bounty program this week. (to
the original material)
- Google patches
fourth Chrome zero-day this year. (to
the original material)
- Researcher
Spotlight: Around the security world and back again
with Nick Biasini. (to
the original material)
- U.S. data privacy
regulation advances. (to
the original material)
- Top 5 most common
WordPress malware infections: An anatomy lesson. (to
the original material)
- Hackers invade
British Army's social media accounts. (to
the original material)
- EFF statement on EU
Parliament’s adoption of digital services act and
digital markets act. (to
the original material)
- US Government Picks
Quantum-Resistant Encryption Algorithms. (to
the original material)
- Django Software
Foundation Patches High-Severity Bug. (to
the original material)
- Unknown Hacker
Steals Data of 1 Billion Chinese Citizens. (to
the original material)
- The Human Factor
2022. (to
the original material)
- Vendor's Ransomware
Attack Hits Over 600 Healthcare Clients. (to
the original material)
- How Machine
Learning Is Changing Access Monitoring. (to
the original material)
04.07.2022
- News
from cyber security.
- Vulnerability
summary for the Week of June 27, 2022. (to
the original material)
- Is the UK
government prepared for its greatest threat? (to
the original material)
- Malicious
activities insiders perform in enterprise
applications. (to
the original material)
- 69% of employees
need to deal with more security measures in a hybrid
work environment. (to
the original material)
- AstraLocker
ransomware shuts down and releases decryptors. (to
the original material)
- Google patches new
Chrome zero-day flaw exploited in attacks. (to
the original material)
- Hacker claims to
have stolen data on 1 billion Chinese citizens. (to
the original material)
- UK Army’s Twitter,
YouTube accounts hacked to push crypto scam. (to
the original material)
- Django fixes SQL
Injection vulnerability in new releases. (to
the original material)
- Popular Django web
framework affected by a SQL Injection flaw. Upgrade it
now! (to
the original material)
- Unfaithful
HackerOne employee steals bug reports to claim
additional bounties. (to
the original material)
- Threat Report
Portugal: Q2 2022. (to
the original material)
- CISA orders federal
agencies to patch CVE-2022-26925 by July 22. (to
the original material)
- NATO to develop
rapid cyber response capabilities. (to
the original material)
- #HowTo: Plug data
leaks. (to
the original material)
- British Army Social
Media accounts hijacked. (to
the original material)
- ICO set to scale
back public sector fines. (to
the original material)
- HackerOne insider
defrauded customers. (to
the original material)
- Hackers claim
police information stolen in China’s biggest data
breach. (to
the original material)
- Zero-day flaw in
Atlassian Confluence exploited in the wild since May.
(to
the original material)
- SolarWinds creates
new software build system in wake of Sunburst attack.
(to
the original material)
- The Best &
Worst States in America for online privacy. (to
the original material)
- Russian hackers
target private Ukrainian energy firm. (to
the original material)
- Australian
businesses lose $227 million to BEC-like scams. (to
the original material)
- Evervault is
offering free encryption services to women's health
apps. (to
the original material)
- US, Israel Initiate
Cybersecurity Collaboration Program. (to
the original material)
- Constant Vigilance
Demanded - Cyber 'Not Just Another Risk'. (to
the original material)
03.07.2022
- News
from cyber security.
- Privacy protection
agency seizes servers of hacked travel company. (to
the original material)
- Free smartphone
stalkerware detection tool gets dedicated hub. (to
the original material)
- Microsoft Defender
adds network protection for Android, iOS devices. (to
the original material)
- Tens of Jenkins
plugins are affected by zero-day vulnerabilities. (to
the original material)
- Microsoft:
Raspberry Robin worm already infected hundreds of
networks. (to
the original material)
- Security Affairs
newsletter Round 372 by Pierluigi Paganini. (to
the original material)
- Half of actively
exploited zero-day issues in H1 2022 are variants of
previous flaws. (to
the original material)
- Businesses
unprepared to deal with ransomware. (to
the original material)
- Why a
people-centric culture is critical to security, growth
and transformation [Q&A]. (to
the original material)
02.07.2022
- News
from cyber security.
- Rogue HackerOne
employee steals bug reports to sell on the side. (to
the original material)
- Verified Twitter
accounts hacked to send fake suspension notices. (to
the original material)
- Microsoft finds
Raspberry Robin worm in hundreds of Windows networks.
(to
the original material)
- The role of Social
Media in modern society – Social Media Day 22
interview. (to
the original material)
- Experts shared PoC
exploit code for RCE in Zoho ManageEngine ADAudit Plus
tool. (to
the original material)
- A ransomware attack
forced publishing giant Macmillan to shuts down its
systems. (to
the original material)
- ATC Healthcare,
Community of Hope, The People Concern disclose
breaches, Advocates notifies more people of its
breach. (to
the original material)
- Evilnum hacking
group updates TTPs targeting Fintech. (to
the original material)
01.07.2022
- News
from cyber security.
- CISA adds one known
exploited vulnerability to Catalog. (to
the original material)
- New infosec
products of the week: July 1, 2022. (to
the original material)
- Product showcase:
Group-IB Unified Risk Platform. (to
the original material)
- The challenges and
advantages of building behavior-based threat
detection. (to
the original material)
- Infosec products of
the month: June 2022. (to
the original material)
- Flagstar Bank
breach another example of hacker threat to financial
sector. (to
the original material)
- Three tips for
sharpening up DNS integrity. (to
the original material)
- A long-running
cryptomining campaign conducted by 8220 hackers now
targets Linux servers. (to
the original material)
- Pro-Russian hackers
launched a massive DDoS attack against Norway. (to
the original material)
- Trust key to space
travel, like cybersecurity, says astronaut Tim Peake.
(to
the original material)
- C-Suite ignoring
Smart Factory Cyber-Threats. (to
the original material)
- Researchers warn of
teen hacking group on Discord. (to
the original material)
- Santander warns of
87% surge in Celeb crypto scams. (to
the original material)
- Zoho ManageEngine
ADAudit Plus bug gets public RCE exploit. (to
the original material)
- The Week in
Ransomware - July 1st 2022 - Bug Bounties. (to
the original material)
- CISA orders
agencies to patch Windows LSA bug exploited in the
wild. (to
the original material)
- Microsoft updates
Azure AD with support for temporary passcodes. (to
the original material)
- Jenkins discloses
dozens of zero-day bugs in multiple plugins. (to
the original material)
- Mitre releases
ATT&CK search extension for Chrome. (to
the original material)
- What is MITRE
Engenuity ATT&CK? (to
the original material)
- SessionManager
Backdoor employed in attacks on Microsoft IIS servers
worldwide. (to
the original material)
- Microsoft spots
updated cryptomining malware tool targeting Linux
systems. (to
the original material)
- What law firms need
to know about cybersecurity. (to
the original material)
- Is Cyber Insurance
exacerbating the ransomware crisis?. (to
the original material)
- New
'SessionManager' backdoor targeting Microsoft Exchange
Servers worldwide. (to
the original material)
- Threat actor claims
responsibility for IBM and Stanford University hack. (to
the original material)
- Professional
Finance Company, Inc. is providing breach
notifications to patients of 663 covered entities. (to
the original material)
- Iranian hackers
leak info of over 300,000 Israelis from tourism sites.
(to
the original material)
- CISA Alert
(AA22-181A): MedusaLocker. (to
the original material)
- UPDATE: Michigan
Avenue Immediate Care in Chicago submits notification
concerning 2021 cyberattack. (to
the original material)
- Alameda Health
System’s second breach went undetected by
investigators of first breach? (to
the original material)
- Criminals use
deepfake videos to interview for remote work. (to
the original material)
- DragonForce
Malaysia releases LPE exploit, threatens ransomware. (to
the original material)
- ICYMI: A Microsoft
warning, Follina, Atlassian, and more. (to
the original material)
- When it comes to
SBOMs, do you know the ingredients in your
ingredients? (to
the original material)
- OpenSea NFT
Marketplace faces insider hack. (to
the original material)
- Microsoft going big
on identity with the launch of Entra. (to
the original material)
- Interview with
Mathieu Gorge – VigiTrust. (to
the original material)
- US DOJ targets
Baller Ape Rug Pull and other crypto fraud. (to
the original material)
- Indian Stock
Exchanges have 6 hours to report cyber incident. (to
the original material)
- ISMG Editors:
Russia's war has changed the cyber landscape. (to
the original material)
- Malware disrupts
multiple US State unemployment websites. (to
the original material)
- Poor patching
creates easy zero-day vulnerability reuse. (to
the original material)
- Atlassian patches
Jira server plugin to fix vulnerability. (to
the original material)
- Wegmans’ $400,000
fine for exposed customer data should leave all
retailers on high alert. (to
the original material)
- Moody’s says Costa
Rican response shows ‘resilience’ of sovereign
governments to ransomware. (to
the original material)
Archive:
Source:
Note Dorin M.
This site has a double
form, one in HTML and one in Joomla (if you are interested
in the utility behind this effort you can read the "Why
a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
Dorin M - July 31, 2022