Study - Technical - LMS-SFC EN) - Cyber Security - News Archive June 2022


Cyber Security - News Archive

June 2022

30.06.2022 - News from cyber security.

- Cybersecurity news of the Week (30.06.2022). (to the original material)

- #StopRansomware: MedusaLocker. (to the original material)

- Evaluating the use of encryption across the world’s top one million sites. (to the original material)

- EMEA continues to be a hotspot for malware threats. (to the original material)

- Evolving online habits have paved the way for fraud. What can we do about it? (to the original material)

- How businesses are prioritizing data privacy. (to the original material)

- Toll fraud malware disables your WiFi to force premium subscriptions. (to the original material)

- Macmillan shuts down systems after likely ransomware attack. (to the original material)

- Microsoft Exchange servers worldwide backdoored with new malware. (to the original material)

- Ukraine targeted by almost 800 cyberattacks since the war started. (to the original material)

- Russian hacktivists take down Norway govt sites in DDoS attacks. (to the original material)

- XFiles info-stealing malware adds support for Follina delivery. (to the original material)

- Google blocked dozens of domains used by hack-for-hire groups. (to the original material)

- AstraLocker 2.0 infects users directly from Word attachments. (to the original material)

- OpenSea discloses data breach, warns users of phishing attacks. (to the original material)

- Georgia hospital recovering from cyberattack with EHR downtime procedures. (to the original material)

- Revisions to TSA pipeline cyber rules highlight delicate balance between fed goals, industry realities. (to the original material)

- Apiiro aims to fix critical cloud risks in runtime. (to the original material)

- Korean cybersecurity agency released a free decryptor for Hive ransomware. (to the original material)

- Experts blame North Korea-linked Lazarus APT for the Harmony hack. (to the original material)

- Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker. (to the original material)

- YTStealer info-stealing malware targets YouTube content creators. (to the original material)

- Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers. (to the original material)

- North Korea's Lazarus group suspected of $100m Harmony hack. (to the original material)

- DragonForce Malaysia Group releases Windows LPE exploit and turns to ransomware tactics. (to the original material)

- Info-Stealing campaign targeted home workers for two years. (to the original material)

- Nevadan arrested for alleged $45m Metaverse investment fraud. (to the original material)

- Ukrainian cops bust multimillion-dollar phishing gang. (to the original material)

- Private Internet Access now has 50 servers in 50 US states. (to the original material)

29.06.2022 - News from cyber security.

- How parents can talk about online safety and personal info protection with their kids. (to the original material)

- Destructive firmware attacks pose a significant threat to businesses. (to the original material)

- Why digital trust needs to be a strategic imperative for your company. (to the original material)

- Teams that shift security left and focus on attackability ship more secure code. (to the original material)

- Walmart denies being hit by Yanluowang ransomware attack. (to the original material)

- Avaya sysadmin indicted for illegally generating, selling VoIP licenses. (to the original material)

- New YTStealer malware steals accounts from YouTube Creators. (to the original material)

- CISA warns of hackers exploiting PwnKit Linux vulnerability. (to the original material)

- Thunderbird 102 released with highly anticipated features, bug fixes. (to the original material)

- Ukraine arrests cybercrime gang operating over 400 phishing sites. (to the original material)

- CISA warns orgs to switch to Exchange Online Modern Auth until October. (to the original material)

- Google Workspace now alerts of critical changes to admin accounts. (to the original material)

- Amazon fixes high-severity vulnerability in Android Photos app. (to the original material)

- Microsoft fixes bug that let hackers hijack Azure Linux clusters. (to the original material)

28.06.2022 - News from cyber security.

- Researchers uncover ZuoRAT malware targeting home-office routers. (to the original material)

- Trends to watch when creating security strategy for the next two years. (to the original material)

- Detection, isolation, and negotiation: Improving your ransomware preparedness and response. (to the original material)

- Exploring the insecurity of readily available Wi-Fi networks. (to the original material)

- Threat actors increasingly use third parties to run their scams. (to the original material)

- Properly securing APIs is becoming increasingly urgent. (to the original material)

- Evilnum hackers return in new operation targeting migration orgs. (to the original material)

- New Firefox privacy feature strips URLs of tracking parameters. (to the original material)

- AMD investigates RansomHouse hack claims, theft of 450GB data. (to the original material)

- MITRE shares this year's list of most dangerous software bugs. (to the original material)

- New ZuoRAT malware targets SOHO routers in North America, Europe. (to the original material)

- FBI: Stolen PII and deepfakes used to apply for remote tech jobs. (to the original material)

- Breaking down the Zola hack and why password reuse is so dangerous. (to the original material)

- Raccoon Stealer is back with a new version to steal your passwords. (to the original material)

- Malicious Messenger chatbots used to steal Facebook accounts. (to the original material)

- Over 900,000 Kubernetes instances found exposed online. (to the original material)

- Collins Foods puts IT focus on security controls, cloud services. (to the original material)

- OpenSSL subject to remote memory corruption. (to the original material)

- EFF to European Court: Keep Encryption Alive. (to the original material)

- How to find & clean up the AnonymousFox hack. (to the original material)

27.06.2022 - News from cyber security.

- CISA adds eight known exploited vulnerabilities to Catalog . (to the original material)

- Vulnerability summary for the Week of June 20, 2022. (to the original material)

- OT security: Helping under-resourced critical infrastructure organizations. (to the original material)

- How phishing attacks are becoming more sophisticated. (to the original material)

- Python packages with malicious code expose secret AWS credentials. (to the original material)

- Clearview fine: The unacceptable face of modern surveillance. (to the original material)

- Cybercriminals use Azure Front Door in phishing attacks. (to the original material)

- 48% of security practitioners seeing 3x increase in alerts per day. (to the original material)

- Bank of the West found debit card-stealing skimmers on ATMs. (to the original material)

- Android malware ‘Revive’ impersonates BBVA bank’s 2FA app. (to the original material)

- US, Brazil seize 272 websites used to illegally download music. (to the original material)

- Vice Society claims ransomware attack on Med. University of Innsbruck. (to the original material)

- Microsoft Exchange bug abused to hack building automation systems. (to the original material)

- LockBit 3.0 introduces the first ransomware bug bounty program. (to the original material)

- Carnival fined US$5m for cyber security violations. (to the original material)

26.06.2022 - News from cyber security.

- LGBTQ+ community warned of extortionists abusing dating apps. (to the original material)

- Fake copyright infringement emails install LockBit ransomware. (to the original material)

- Clever phishing method bypasses MFA using Microsoft WebView2 apps. (to the original material)

- NetSec Goggle shows search results only from cybersecurity sites. (to the original material)

25.06.2022 - News from cyber security.

- PyPi python packages caught sending stolen AWS keys to unsecured sites. (to the original material)

- Automotive fabric supplier TB Kawashima announces cyberattack. (to the original material)

24.06.2022 - News from cyber security.

- The Annual Privacy Forum (APF) celebrates its first 10 years, as the links between privacy protection & cybersecurity continue to grow. (to the original material)

- Citrix releases security updates for Hypervisor. (to the original material)

- Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns. (to the original material)

- New infosec products of the week: June 24, 2022. (to the original material)

- How companies are prioritizing infosec and compliance. (to the original material)

- Risky behavior reduced when executives put focus on identity security. (to the original material)

- Despite known security issues, VPN usage continues to thrive. (to the original material)

- The Week in Ransomware - June 24th 2022 - Splinter Cells. (to the original material)

- Mitel zero-day used by hackers in suspected ransomware attack. (to the original material)

- CafePress fined $500,000 for breach affecting 23 million users. (to the original material)

- Fast Shop Brazilian retailer discloses "extortion" cyberattack. (to the original material)

- Conti ransomware finally shuts down data leak, negotiation sites. (to the original material)

- Threat Roundup for June 17 to June 24. (to the original material)

- Qld gov proposes mandatory data breach reporting for agencies. (to the original material)

- Critical Splunk bug propagates code execution. (to the original material)

- Researchers hacked Oracle servers to demo serious vulnerability. (to the original material)

- Don't remove PowerShell: US, UK and NZ security agencies. (to the original material)

- Threat actors worked with ISPs to plant malware from Italian spyware vendor. (to the original material)

- EFF's Statement on Dobbs Abortion Ruling. (to the original material)

23.06.2022 - News from cyber security.

- Cybersecurity News of the Week (23.06.2022). (to the original material)

- Press Release: The European Cybersecurity Competence Centre Governing Board meets for the first time in Bucharest. (to the original material)

- Malicious cyber actors continue to exploit Log4Shell in VMware Horizon Systems. (to the original material)

- CISA releases Cloud Security Technical Reference Architecture. (to the original material)

- Conti effectively created an extortion-oriented IT company, says Group-IB. (to the original material)

- Automotive hose manufacturer hit by ransomware, shuts down production control system. (to the original material)

- Attack methods using hybrid bots enable criminals to open mule accounts at scale. (to the original material)

- Rate of IT security incidents grows with company size. (to the original material)

- Security pros increasingly plan to adopt MDR (Managed Detection and Response) services in the next 12 months. (to the original material)

- Scalper bots out of control in Israel, selling state appointments. (to the original material)

- CISA: Log4Shell exploits still being used to hack VMware servers. (to the original material)

- Spyware vendor works with ISPs to infect iOS and Android users. (to the original material)

- Lithuania warns of rise in DDoS attacks against government sites. (to the original material)

- Malicious Windows 'LNK' attacks made easy with new Quantum builder. (to the original material)

- Automotive hose maker Nichirin hit by ransomware attack. (to the original material)

- Chinese hackers use ransomware as decoy for cyber espionage. (to the original material)

- New MetaMask phishing campaign uses KYC lures to steal passphrases. (to the original material)

- Conti ransomware hacking spree breaches over 40 orgs in a month. (to the original material)

- The Bipartisan Digital Advertising Act would break up big trackers. (to the original material)

- Security and privacy tips for people seeking an abortion. (to the original material)

- 2021 Threat Report Webinar. (to the original material)

22.06.2022 - News from cyber security.

- Successful conclusion to the 3 day workshop: The role of the EU’s Cyber Ecosystem in the global cyber security stability. (to the original material)

- Google releases security updates for Chrome. (to the original material)

- CISA releases security advisories related to OT:ICEFALL (Insecure by Design) Report. (to the original material)

- Keeping PowerShell: Measures to use and embrace. (to the original material)

- 7 DevSecOps myths and how to overcome them. (to the original material)

- How to keep your NFTs safe from scammers. (to the original material)

- The price of stolen info: Everything on sale on the dark web. (to the original material)

- Webinar: What’s trending in email security? (to the original material)

- Critical PHP flaw exposes QNAP NAS devices to RCE attacks. (to the original material)

- In fast-paced identity space, Kantara Initiative ensures trust isn’t left in the dust. (to the original material)

- Questions over Cyber Command support, operations raised in defense authorization bill. (to the original material)

- For pharma, big profits don’t always translate to effective cybersecurity resources. (to the original material)

- Updated Emotet banking trojan more effective, proliferates through Excel macros. (to the original material)

- Microsoft demos SSI open standards at Identiverse: ‘This is the power of standards’. (to the original material)

- How properly implemented zero trust will help when it’s time for incident response. (to the original material)

- Researchers disclose cloud vulnerability of accounting firm Moss Adams. (to the original material)

- Customer communications key to Salesforce’s mandatory MFA edict. (to the original material)

- NSA shares tips on securing Windows devices with PowerShell. (to the original material)

- Chinese hackers target script kiddies with info-stealer trojan. (to the original material)

- Microsoft: Russia stepped up cyberattacks against Ukraine’s allies. (to the original material)

- MEGA fixes critical flaws that allowed the decryption of user data. (to the original material)

- Critical PHP flaw exposes QNAP NAS devices to RCE attacks. (to the original material)

- Adelaide council rules out facial recognition on city CCTV network. (to the original material)

- Westlaw must face Antitrust claims in a case that could boost competitive compatibility. (to the original material)

21.06.2022 - News from cyber security.

- Researchers disclose 56 vulnerabilities impacting thousands of OT devices. (to the original material)

- Fake voicemail notifications are after Office365, Outlook credentials. (to the original material)

- How the blurring of the “supply chain” opens your doors to attackers - and how you can close them. (to the original material)

- After being breached once, many companies are likely to be hit again. (to the original material)

- Solution to cybersecurity skills gap largely sits with hiring practices. (to the original material)

- Yodel parcel company confirms cyberattack is disrupting delivery. (to the original material)

- 7-zip now supports Windows ‘Mark-of-the-Web’ security feature. (to the original material)

- Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware. (to the original material)

- Adobe Acrobat may block antivirus tools from monitoring PDF files. (to the original material)

- Phishing gang behind millions in losses dismantled by police. (to the original material)

- Microsoft Exchange servers hacked by new ToddyCat APT gang. (to the original material)

- Icefall: 56 flaws impact thousands of exposed industrial devices. (to the original material)

- Feds dole out another $100 million in cloud, security investments for agencies. (to the original material)

- Avos ransomware group expands with new attack arsenal. (to the original material)

- Victory! Court rules that DMCA does not override First Amendment’s anonymous speech protections. (to the original material)

- When “Jawboning” creates private liability. (to the original material)

- Pass the "My Body, My Data" Act. (to the original material)

- Daycare Apps are dangerously insecure. (to the original material)

- Interview with Michał Kasprzak – TraceRoute42. (to the original material)

- Tips for WP-Config & How to avoid sensitive data exposure. (to the original material)

20.06.2022 - News from cyber security.

- Hats off to Team Europe - Winners of the 1st International Cybersecurity Challenge! (to the original material)

- Vulnerability summary for the Week of June 13, 2022. (to the original material)

- QNAP NAS devices hit by DeadBolt and ech0raix ransomware. (to the original material)

- How to properly adopt and manage Kubernetes in production. (to the original material)

- Board members and the C-suite need secure communication tools. (to the original material)

- How tool sprawl is becoming a common issue for SMEs. (to the original material)

- Data recovery depends on how good your backup strategy is. (to the original material)

- Increased security driving investments in cloud computing. (to the original material)

- New DFSCoerce NTLM Relay attack allows Windows domain takeover. (to the original material)

- Flagstar Bank discloses data breach impacting 1.5 million customers. (to the original material)

- New 'BidenCash' site sells your stolen credit card for just 15 cents. (to the original material)

- Microsoft 365 credentials targeted in new fake voicemail campaign. (to the original material)

- SA Police ignores Adelaide council plea for facial recognition ban on CCTV. (to the original material)

19.06.2022 - News from cyber security.

- Week in review: Microsoft fixes Follina, cybersecurity pros quitting, (IN)SECURE Magazine RSAC 2022. (to the original material)

- Google Chrome extensions can be fingerprinted to track you online. (to the original material)

- Android-wiping BRATA malware is evolving into a persistent threat. (to the original material)

18.06.2022 - News from cyber security.

- eCh0raix ransomware starts targeting QNAP NAS devices again. (to the original material)

- Wave of 'Matanbuchus' spam is infecting devices with Cobalt Strike. (to the original material)

- 8 Ways to prevent replay attacks. (to the original material)

17.06.2022 - News from cyber security.

- Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence. (to the original material)

- New infosec products of the week: June 17, 2022. (to the original material)

- How financial institutions are improving customer experience with fraud prevention measures. (to the original material)

- Cyber criminals continue to target and exploit people. (to the original material)

- Fraud trends and scam tactics consumers should be aware of. (to the original material)

- The Week in Ransomware - June 17th 2022 - Have I Been Ransomed? (to the original material)

- Cisco says it won’t fix zero-day RCE in end-of-life VPN routers. (to the original material)

- Russian RSocks botnet disrupted after hacking millions of devices. (to the original material)

- QNAP 'thoroughly investigating' new DeadBolt ransomware attacks. (to the original material)

- Threat Roundup for June 10 to June 17. (to the original material)

- EFF warns another Court about the dangers of broad site-blocking orders. (to the original material)

16.06.2022 - News from cyber security.

- Cybersecurity News of the Week (16.06.2022). (to the original material)

- DNSC, Cyberint and ANSSI launch registrations for the National Cyber ​​Security Championship (RoCSC22). (to the original material)

- CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case. (to the original material)

- Cisco releases security updates for multiple products. (to the original material)

- Zero trust adoption: Industry-specific challenges and implementation strategies. (to the original material)

- 72% of middle market companies expect to experience a cyberattack. (to the original material)

- The challenges of managing increased complexity as hybrid IT accelerates. (to the original material)

- The future is passwordless. What’s slowing it down? (to the original material)

- Sophos Firewall zero-day bug exploited weeks before fix. (to the original material)

- iCloud hacker gets 9 years in prison for stealing nude photos. (to the original material)

- New MaliBot Android banking malware spreads as a crypto miner. (to the original material)

- 730K WordPress sites force-updated to patch critical plugin bug. (to the original material)

- Anker Eufy smart home hubs exposed to RCE attacks by critical flaw. (to the original material)

- New cloud-based Microsoft Defender for home now generally available. (to the original material)

- MetaMask, Phantom warn of flaw that could steal your crypto wallets. (to the original material)

- Revisit your password policies to retain PCI compliance. (to the original material)

- Microsoft Office 365 feature can help cloud ransomware attacks. (to the original material)

- Border Force searched more than 40,000 devices in five years. (to the original material)

- Threat Source newsletter (June 16, 2022) — Three top takeaways from Cisco Live. (to the original material)

- WooCommerce Credit Card Skimmer uses Telegram Bot to exfiltrate stolen data. (to the original material)

15.06.2022 - News from cyber security.

- Ransomware gang (Alphv group alias BlackCat) publishes stolen victim data on the public Internet. (to the original material)

- Mind the gap: How to ensure your vulnerability detection methods are up to scratch. (to the original material)

- Cloud computing top concerns: The focus is shifting. (to the original material)

- How confident are IT pros in the security of their organization’s supply chain? (to the original material)

- Phishing reaches all-time high in early 2022. (to the original material)

- Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike. (to the original material)

- Cisco Secure Email bug can let attackers bypass authentication. (to the original material)

- Zimbra bug allows stealing email logins with no user interaction (to the original material)

- Extortion gang ransoms Shoprite, largest supermarket chain in Africa. (to the original material)

- Citrix warns critical bug can let attackers reset admin passwords. (to the original material)

- Interpol seizes $50 million, arrests 2000 social engineers. (to the original material)

- New peer-to-peer botnet infects Linux servers with cryptominers. (to the original material)

- Microsoft: June Windows Server updates may cause backup issues. (to the original material)

- Thousands of GitHub, AWS, Docker tokens exposed in Travis CI logs. (to the original material)

- The Great Resignation has intensified insider security threats. (to the original material)

- Security: Understanding the fundamentals of governance, risk & compliance. (to the original material)

- Microsoft patched Azure bugs without notifying users, Tenable claims. (to the original material)

- Critical vulnerabilities found in Powertek distribution units. (to the original material)

- Microsoft patches exploited 'Follina' remote code exec bug. (to the original material)

- Canada wants companies to report cyber attacks. (to the original material)

- Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, authentication bypass. (to the original material)

- Facebook says Apple is too powerful. They're right. (to the original material)

- Stop this California Bill that bans affordable broadband rules. (to the original material)

14.06.2022 - News from cyber security.

- Adobe releases security updates for multiple products. (to the original material)

- SAP releases June 2022 security updates. (to the original material)

- CISA adds one known exploited vulnerability to catalog . (to the original material)

- Citrix releases security updates for Application Delivery Management. (to the original material)

- Microsoft releases June 2022 security updates. (to the original material)

- Microsoft fixes Follina and 55 other CVEs. (to the original material)

- (IN)SECURE Magazine: RSAC 2022 special issue released. (to the original material)

- Is your organization ready for Internet Explorer retirement? (to the original material)

- Once is never enough: The need for continuous penetration testing. (to the original material)

- SaaS security: How to avoid “death by 1000 apps”. (to the original material)

- Only 10% of vulnerabilities are remediated each month. (to the original material)

- Why do organizations need to prioritize ransomware preparedness? (to the original material)

- Strong passwords still a priority strategy for enterprises. (to the original material)

- Ransomware gang creates site for employees to search for their stolen data. (to the original material)

- New Hertzbleed side-channel attack affects Intel, AMD CPUs. (to the original material)

- Android malware on the Google Play Store gets 2 million downloads. (to the original material)

- Microsoft patches actively exploited Follina Windows zero-day. (to the original material)

- Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws. (to the original material)

- Owner of ‘DownThem’ DDoS service gets 2 years in prison. (to the original material)

- Firefox now blocks cross-site tracking by default for all users. (to the original material)

- Cloudflare mitigates record-breaking HTTPS DDoS attack. (to the original material)

- UTS (University of Technology Sydney) to create secure research hub at Tech Central. (to the original material)

- Microsoft Patch Tuesday for June 2022 — Snort rules and prominent vulnerabilities. (to the original material)

- Victory! New York’s vaccine privacy bill heads to Governor’s desk. (to the original material)

- Senator declares Amazon Ring's Audio Surveillance capabilities "Threaten the Public". (to the original material)

- EFF urges Congress to strengthen the American Data Privacy and Protection Act. (to the original material)

- What is a Scam? (to the original material)

13.06.2022 - News from cyber security.

- Drupal releases security updates. (to the original material)

- Vulnerability summary for the week of June 6, 2022. (to the original material)

- Metasploit 6.2.0 comes with 138 new modules, 148 enhancements and features. (to the original material)

- Microsoft helps prevent lateral movement from compromised unmanaged devices. (to the original material)

- API security warrants its own specific solution. (to the original material)

- Businesses are leaving bot attacks unchallenged for almost four months. (to the original material)

- Increased cloud complexity needs stronger cybersecurity. (to the original material)

- 45% of cybersecurity pros are considering quitting the industry due to stress. (to the original material)

- Kaiser Permanente data breach exposes health data of 69K people. (to the original material)

- Gallium hackers backdoor finance, govt orgs using new PingPull malware

- Hackers clone Coinbase, MetaMask mobile wallets to steal your crypto. (to the original material)

- Metasploit 6.2.0 improves credential theft, SMB support features, more. (to the original material)

- Microsoft: Exchange servers hacked to deploy BlackCat ransomware. (to the original material)

- New Syslogk Linux rootkit uses magic packets to trigger backdoor. (to the original material)

- Russian hackers start targeting Ukraine with Follina exploits. (to the original material)

- How the Federal Government buys our cell phone location data. (to the original material)

- EFF’s Flagship Jewel v. NSA Dragnet Spying Case rejected by the Supreme Court. (to the original material)

- PIA is leaving India due to data collection directive. (to the original material)

- Week in review: Follina exploit delivers Qbot malware, Patch Tuesday forecast, RSAC 2022. (to the original material)

- PyPI package 'keep' mistakenly included a password stealer. (to the original material)

- New Vytal Chrome extension hides location info that your VPN can't. (to the original material)

- Hello XD ransomware now drops a backdoor while encrypting. (to the original material)

11.06.2022 - News from cyber security.

- WiFi probing exposes smartphone users to tracking, info leaks. (to the original material)

- Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware. (to the original material)

10.06.2022 - News from cyber security.

- Considerations for ensuring the physical and cyber security of the electricity sub-sector. (to the original material)

- Google releases security updates for Chrome. (to the original material)

- Researchers unearth highly evasive “parasitic” Linux malware. (to the original material)

- June 2022 Patch Tuesday forecast: Internet Explorer fades into the sunset. (to the original material)

- New infosec products of the week: June 10, 2022. (to the original material)

- Only 43% of security pros can respond to critical alerts in less than an hour. (to the original material)

- Using the random motion of electrons to improve cybersecurity. (to the original material)

- The Week in Ransomware - June 10th 2022 - Targeting Linux. (to the original material)

- New PACMAN hardware attack targets Macs with Apple M1 CPUs. (to the original material)

- Iranian hackers target energy sector with new DNS backdoor. (to the original material)

- Hackers exploit recently patched Confluence bug for cryptomining. (to the original material)

- WA gov expands Microsoft enterprise agreement. (to the original material)

- IBM workflow analysis software beset by bugs. (to the original material)

- Cyber basics still beyond fed gov as Essential Eight mandate looms. (to the original material)

- Australian organizations targeted by Aoqin Dragon hackers for a decade. (to the original material)

09.06.2022 - News from cyber security.

- Press release: Directorate participates in Cyber ​​Europe 2022 cyber exercise testing European health sector resilience. (to the original material)

- Cybersecurity News of the Week (09.06.2022). (to the original material)

- Cyber Europe 2022: Testing the resilience of the European Healthcare Sector. (to the original material)

- CISA adds three known exploited vulnerabilities to Catalog. (to the original material)

- Summer holiday season fuels upswing of travel-themed spam. (to the original material)

- The most common exploit paths enterprises leave open for attackers. (to the original material)

- Getting to grips with SaaS security. (to the original material)

- Top three most critical areas of web security. (to the original material)

- Healthcare is most likely to pay the ransom. (to the original material)

- Only 13.5% of IT pros have mastered security in the cloud native space, (to the original material)

- Roblox Game Pass store used to sell ransomware decryptor. (to the original material)

- Microsoft Defender now isolates hacked, unmanaged Windows devices. (to the original material)

- Vice Society ransomware claims attack on Italian city of Palermo. (to the original material)

- Dark web sites selling alleged Western weapons sent to Ukraine. (to the original material)

- New Symbiote malware infects all running processes on Linux systems. (to the original material)

- Chinese hacking group Aoqin Dragon quietly spied orgs for a decade. (to the original material)

- icare still waiting on leaked workers' comp data to be deleted. (to the original material)

- Apple defeats class action over Meltdown, Spectre vulns. (to the original material)

- HTTP/3 becomes a standard, at last. (to the original material)

- Threat Source newsletter (June 9, 2022) - Get ready for Cisco Live. (to the original material)

- Talos EMEA monthly update: Business email compromise. (to the original material)

- How to protect your email - Stay safe from spam, malware, and online attacks. (to the original material)

- Smilodon Credit Card skimming malware shifts to WordPress. (to the original material)


- CISA adds 36 known exploited vulnerabilities to Catalog. (to the original material)

- Qbot – known channel for ransomware – delivered via phishing and Follina exploit. (to the original material)

- Intruder dwell time jumps 36%. (to the original material)

- Recovery and resilience: CISO insights into the 2022 cybersecurity landscape. (to the original material)

- Barely one-third of IT pros can vet code for tampering. (to the original material)

- Pandemic-related identity fraud: How serious is it? (to the original material)

- Zero trust segmentation eliminates 5 cyber disasters per year and saves $20+ million annually. (to the original material)

- OffSec (Offensive Security) to stream Kali Linux penetration testing course on Twitch. (to the original material)

- Massive Facebook Messenger phishing operation generates millions. (to the original material)

- Linux botnets now exploit critical Atlassian Confluence bug. (to the original material)

- Emotet malware now steals credit cards from Google Chrome users. (to the original material)

- Cuba ransomware returns to extorting victims with updated encryptor. (to the original material)

- Poisoned CCleaner search results spread information-stealing malware. (to the original material)

- US agencies accuse China of attacking telcos and network providers. (to the original material)

- Microsoft won't fix 'Dogwalk' zero-day from 2020. (to the original material)

- Platform liability trends around the globe: Moving forward. (to the original material)

- Mandatory Student Spyware is creating a perfect storm of Human Rights Abuses. (to the original material)

- The EU's new message-scanning Regulation must be stopped. (to the original material)

- How to delete your saved passwords on any browser in less than 5 minutes. (to the original material)

07.06.2022 - News from cyber security.

- People’s Republic of China state-sponsored cyber actors exploit network providers and devices. (to the original material)

- Owl Labs releases security updates for Meeting Owl Pro and Whiteboard Owl. (to the original material)

- CISA provides criteria and process for updates to the KEV Catalog. (to the original material)

- Apple unveils passkeys for passwordless authentication to apps and websites. (to the original material)

- Attackers aren’t slowing down, here’s what researchers are seeing. (to the original material)

- Turning the tables on cyber attackers. (to the original material)

- Ransomware attacks setting new records. (to the original material)

- Boards, CEOs demand software supply chain security improvements. (to the original material)

- Business fit report: Echoworx Email Encryption. (to the original material)

- Surfshark, ExpressVPN pull out of India over data retention laws. (to the original material)

- US seizes SSNDOB market for selling personal info of 24 million people. (to the original material)

- US: Chinese govt hackers breached telcos to snoop on network traffic. (to the original material)

- New SVCReady malware loads from Word doc properties. (to the original material)

- Qbot malware now uses Windows MSDT zero-day in phishing attacks. (to the original material)

- Linux version of Black Basta ransomware targets VMware ESXi servers. (to the original material)

- New ‘DogWalk’ Windows zero-day bug gets free unofficial patches. (to the original material)

- Online gun shops in the US hacked to steal credit cards. (to the original material)

- Shields Health Care Group data breach affects 2 million patients. (to the original material)

- Why Netflix isn't the only one bummed about password sharing. (to the original material)

- Android June 2022 updates bring fix for critical RCE vulnerability. (to the original material)

- Law firm mulls class action over NDIS software provider data breach. (to the original material)

- How to turn digital complexity into competitive advantage. (to the original material)

- NAB automates DR management to recover its systems faster. (to the original material)

- Your resistance pauses Axon’s Dangerous Drone Tasers. (to the original material)

- When DRM comes for your wheelchair. (to the original material)

- It takes 2 seconds of silence to skim a credit card. (to the original material)

06.06.2022 - News from cyber security.

- Cybersecurity Certification: breaking new ground. (to the original material)

- Qualys VMDR 2.0 with TruRisk: Taking vulnerability management to the next level. (to the original material)

- Healthcare-specific cybersecurity problems and how to address them. (to the original material)

- Intelligence must drive strategic decisions. (to the original material)

- Four steps to successful empathetic investigations. (to the original material)

- The costs and damages of DNS attacks. (to the original material)

- The Intigriti Ethical Hacker Survey 2022. (to the original material)

- QBot now pushes Black Basta ransomware in bot-powered attacks. (to the original material)

- Mandiant: “No evidence” we were hacked by LockBit ransomware. (to the original material)

- Ransomware gangs now give victims time to save their reputation. (to the original material)

- Windows zero-day exploited in US local govt phishing attacks. (to the original material)

- Italian city of Palermo shuts down all systems to fend off cyberattack. (to the original material)

- Former PJCIS chair named shadow cyber security minister. (to the original material)

- Click Studios revokes digital cert used by 'Follina' dropped malware. (to the original material)

- Speech-Related offenses should be excluded from the proposed UN Cybercrime Treaty. (to the original material)

05.06.2022 - News from cyber security.

- Week in review: Macro-less Office documents zero-day bug, FluBot takedown, growing DDoS threats. (to the original material)

- Exploit released for Atlassian Confluence RCE bug, patch now. (to the original material)

- Evasive phishing mixes reverse tunnels and URL shortening services. (to the original material)

04.06.2022 - News from cyber security.

- Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack. (to the original material)

- Apple blocked 1.6 millions apps from defrauding users in 2021. (to the original material)

- SMSFactory Android malware sneakily subscribes to premium services. (to the original material)

03.06.2022 - News from cyber security.

- CISA releases security advisory on Dominion Voting Systems Democracy Suite ImageCast X. (to the original material)

- Atlassian releases new versions of Confluence Server and Data Center to address CVE-2022-26134. (to the original material)

- Attackers are leveraging Follina. What can you do? (to the original material)

- Unpatched Atlassian Confluence zero-day exploited, fix expected today (CVE-2022-26134). (to the original material)

- New infosec products of the week: June 3, 2022. (to the original material)

- 40% of enterprises don’t include business-critical systems in their cybersecurity monitoring. (to the original material)

- Intelligence is key to strategic business decisions. (to the original material)

- The Week in Ransomware - June 3rd 2022 - Evading sanctions. (to the original material)

- Novartis says no sensitive data was compromised in cyberattack. (to the original material)

- WatchDog hacking group launches new Docker cryptojacking campaign. (to the original material)

- Atlassian fixes Confluence zero-day widely exploited in attacks. (to the original material)

- Americans report losing over $1 billion to cryptocurrency scams. (to the original material)

- Microsoft disrupts Bohrium hackers’ spear-phishing operation. (to the original material)

- GitLab security update fixes critical account take over flaw. (to the original material)

- No patch for actively exploited Atlassian Confluence zero-day. (to the original material)

- Threat Advisory: Atlassian Confluence zero-day vulnerability under active exploitation. (to the original material)

- Threat Roundup for May 27 to June 3. (to the original material)

- EFF to Inter-American Court of Human Rights: Colombia’s Surveillance of Human Rights-Defending Lawyers Group Violated International Law. (to the original material)

- Axon Must Not Arm Drones with Tasers. (to the original material)

- San Francisco Police nailed for violating public records laws regarding face recognition and Fusion Center documents. (to the original material)

02.06.2022 - News from cyber security.

- Cybersecurity News of the Week (02.06.2022). (to the original material)

- Atlassian releases security advisory for Confluence Server and Data Center, CVE-2022-26134. (to the original material)

- CISA adds one known exploited vulnerability (CVE-2022-26134) to Catalog. (to the original material)

- CISA releases security advisory on Illumina Local Run Manager. (to the original material)

- CISA updates advisory on threat actors chaining unpatched VMware vulnerabilities. (to the original material)

- Microsoft Office apps are vulnerable to IDN homograph attacks. (to the original material)

- Concentric’s AI technologies simplify and automate data security. (to the original material)

- How to support women in cybersecurity. (to the original material)

- Massive shadow code risk for world’s largest businesses. (to the original material)

- Language-based BEC attacks rising. (to the original material)

- Autonomous vehicles can be tricked into erratic driving behavior. (to the original material)

- Critical Atlassian Confluence zero-day actively used in attacks. (to the original material)

- Top 10 Android banking trojans target apps with 1 billion downloads. (to the original material)

- Evil Corp switches to LockBit ransomware to evade sanctions. (to the original material)

- Ransomware gang now hacks corporate websites to show ransom notes. (to the original material)

- Microsoft blocks Polonium hackers from using OneDrive in attacks. (to the original material)

- Chinese LuoYu hackers deploy cyber-espionage malware via app updates. (to the original material)

- Conti ransomware targeted Intel firmware for stealthy attacks. (to the original material)

- Clipminer malware gang stole $1.7M by hijacking crypto payments. (to the original material)

- Foxconn confirms ransomware attack disrupted production in Mexico. (to the original material)

- Global police operation takes down Flubot infrastructure. (to the original material)

- NSW public insurer icare privacy bungle hits 193,000 people. (to the original material)

- Threat Source newsletter (June 2, 2022) - An RSA Conference primer. (to the original material)

- Analysis of the massive NDSW/NDSX malware campaign. (to the original material)

01.06.2022 - News from cyber security.

- Mozilla releases security updates for Firefox, Firefox ESR, and Thunderbird. (to the original material)

- Karakurt data extortion group. (to the original material)

- FluBot takedown: Law enforcement takes control of Android spyware’s infrastructure. (to the original material)

- Paving your path to SASE: 4 tips for achieving connectivity and security. (to the original material)

- How cybercriminals are targeting executives at home and their families. (to the original material)

- DDoS threats growing in sophistication, size, and frequency. (to the original material)

- Contactless is reigning: Consumers can’t even remember their PIN. (to the original material)

- Infosec products of the month: May 2022. (to the original material)

- New Windows Search zero-day added to Microsoft protocol nightmare. (to the original material)

- Hundreds of Elasticsearch databases targeted in ransom attacks. (to the original material)

- FBI seizes domains used to sell stolen data, DDoS services. (to the original material)

- US govt: Paying Karakurt extortion ransoms won’t stop data leaks. (to the original material)

- RuneScape phishing steals accounts and in-game item bank PINs. (to the original material)

- Windows MSDT zero-day vulnerability gets free unofficial patch. (to the original material)

- FluBot Android malware operation shutdown by law enforcement. (to the original material)

- SideWinder hackers plant fake Android VPN app in Google Play Store. (to the original material)

- Ransomware attacks need less than four days to encrypt systems. (to the original material)

- Telegram’s blogging platform abused in phishing attacks. (to the original material)

- Google open sources data centre scale encryption. (to the original material)

- Threat Advisory: Zero-day vulnerability in Microsoft diagnostic tool MSDT could lead to code execution. (to the original material)

- New York: Tell Your Assembly members to Pass This Landmark Repair Bill. (to the original material)

- Platform Liability Trends Around the Globe: Recent Noteworthy Developments. (to the original material)


Archive:

Click here to access archive content.

Source:

Click here to access to documentation sources.

Note Dorin M.

This site has a double form, one in HTML and one in Joomla (if you are interested in the utility behind this effort you can read the "Why  a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.

Dorin M - May 31, 2022


Thank you for your visit!

Whenever you consider that it "worth", I expect you with feedback, comments or donations in
the account RO95BRDE090SV31723640900 opened at "BRD-Groupe Société Générale" S.A. Romania or
Paypal donation (using the button below)

or on Patreon (using the button below).

Become a Patron!

© Dorin Merticaru. (MEDOW Soft HD)