Study - Technical - LMS-SFC EN) - Cyber Security - News Archive June 2022
Cyber Security - News Archive
June 2022
30.06.2022
- News
from cyber security.
- Cybersecurity
news of the Week (30.06.2022). (to
the original material)
-
#StopRansomware: MedusaLocker. (to
the original material)
- Evaluating
the use of encryption across the world’s top one
million sites. (to
the original material)
- EMEA
continues to be a hotspot for malware threats. (to
the original material)
- Evolving
online habits have paved the way for fraud. What
can we do about it? (to
the original material)
- How
businesses are prioritizing data privacy. (to
the original material)
- Toll fraud
malware disables your WiFi to force premium
subscriptions. (to
the original material)
- Macmillan
shuts down systems after likely ransomware
attack. (to
the original material)
- Microsoft
Exchange servers worldwide backdoored with new
malware. (to
the original material)
- Ukraine
targeted by almost 800 cyberattacks since the
war started. (to
the original material)
- Russian
hacktivists take down Norway govt sites in DDoS
attacks. (to
the original material)
- XFiles
info-stealing malware adds support for Follina
delivery. (to
the original material)
- Google
blocked dozens of domains used by hack-for-hire
groups. (to
the original material)
- AstraLocker
2.0 infects users directly from Word
attachments. (to
the original material)
- OpenSea
discloses data breach, warns users of phishing
attacks. (to
the original material)
- Georgia
hospital recovering from cyberattack with EHR
downtime procedures. (to
the original material)
- Revisions to
TSA pipeline cyber rules highlight delicate
balance between fed goals, industry realities. (to
the original material)
- Apiiro aims
to fix critical cloud risks in runtime. (to
the original material)
- Korean
cybersecurity agency released a free decryptor
for Hive ransomware. (to
the original material)
- Experts blame
North Korea-linked Lazarus APT for the Harmony
hack. (to
the original material)
- Ex-Canadian
government employee admits to being a member of
the Russian cybercrime gang NetWalker. (to
the original material)
- YTStealer
info-stealing malware targets YouTube content
creators. (to
the original material)
- Path
Traversal flaw in UnRAR utility can allow
hacking Zimbra Mail servers. (to
the original material)
- North Korea's
Lazarus group suspected of $100m Harmony hack. (to
the original material)
- DragonForce
Malaysia Group releases Windows LPE exploit and
turns to ransomware tactics. (to
the original material)
- Info-Stealing
campaign targeted home workers for two years. (to
the original material)
- Nevadan
arrested for alleged $45m Metaverse investment
fraud. (to
the original material)
- Ukrainian
cops bust multimillion-dollar phishing gang. (to
the original material)
- Private
Internet Access now has 50 servers in 50 US
states. (to
the original material)
- How parents
can talk about online safety and personal info
protection with their kids. (to
the original material)
- Destructive
firmware attacks pose a significant threat to
businesses. (to
the original material)
- Why digital
trust needs to be a strategic imperative for
your company. (to
the original material)
- Teams that
shift security left and focus on attackability
ship more secure code. (to
the original material)
- Walmart
denies being hit by Yanluowang ransomware
attack. (to
the original material)
- Avaya
sysadmin indicted for illegally generating,
selling VoIP licenses. (to
the original material)
- New YTStealer
malware steals accounts from YouTube Creators. (to
the original material)
- CISA warns of
hackers exploiting PwnKit Linux vulnerability. (to
the original material)
- Thunderbird
102 released with highly anticipated features,
bug fixes. (to
the original material)
- Ukraine
arrests cybercrime gang operating over 400
phishing sites. (to
the original material)
- CISA warns
orgs to switch to Exchange Online Modern Auth
until October. (to
the original material)
- Google
Workspace now alerts of critical changes to
admin accounts. (to
the original material)
- Amazon fixes
high-severity vulnerability in Android Photos
app. (to
the original material)
- Microsoft
fixes bug that let hackers hijack Azure Linux
clusters. (to
the original material)
28.06.2022
- News
from cyber security.
- Researchers
uncover ZuoRAT malware targeting home-office
routers. (to
the original material)
- Trends to
watch when creating security strategy for the
next two years. (to
the original material)
- Detection,
isolation, and negotiation: Improving your
ransomware preparedness and response. (to
the original material)
- Exploring
the insecurity of readily available Wi-Fi
networks. (to
the original material)
- Threat
actors increasingly use third parties to run
their scams. (to
the original material)
- Properly
securing APIs is becoming increasingly urgent.
(to
the original material)
- Evilnum
hackers return in new operation targeting
migration orgs. (to
the original material)
- New Firefox
privacy feature strips URLs of tracking
parameters. (to
the original material)
- AMD
investigates RansomHouse hack claims, theft of
450GB data. (to
the original material)
- MITRE
shares this year's list of most dangerous
software bugs. (to
the original material)
- New ZuoRAT
malware targets SOHO routers in North America,
Europe. (to
the original material)
- FBI: Stolen
PII and deepfakes used to apply for remote
tech jobs. (to
the original material)
- Breaking
down the Zola hack and why password reuse is
so dangerous. (to
the original material)
- Raccoon
Stealer is back with a new version to steal
your passwords. (to
the original material)
- Malicious
Messenger chatbots used to steal Facebook
accounts. (to
the original material)
- Over
900,000 Kubernetes instances found exposed
online. (to
the original material)
- Collins
Foods puts IT focus on security controls,
cloud services. (to
the original material)
- OpenSSL
subject to remote memory corruption. (to
the original material)
- EFF to
European Court: Keep Encryption Alive. (to
the original material)
- How to find
& clean up the AnonymousFox hack. (to
the original material)
27.06.2022
- News
from cyber security.
- CISA adds
eight known exploited vulnerabilities to
Catalog . (to
the original material)
-
Vulnerability summary for the Week of June 20,
2022. (to
the original material)
- OT
security: Helping under-resourced critical
infrastructure organizations. (to
the original material)
- How
phishing attacks are becoming more
sophisticated. (to
the original material)
- Python
packages with malicious code expose secret AWS
credentials. (to
the original material)
- Clearview
fine: The unacceptable face of modern
surveillance. (to
the original material)
-
Cybercriminals use Azure Front Door in
phishing attacks. (to
the original material)
- 48% of
security practitioners seeing 3x increase in
alerts per day. (to
the original material)
- Bank of the
West found debit card-stealing skimmers on
ATMs. (to
the original material)
- Android
malware ‘Revive’ impersonates BBVA bank’s 2FA
app. (to
the original material)
- US, Brazil
seize 272 websites used to illegally download
music. (to
the original material)
- Vice
Society claims ransomware attack on Med.
University of Innsbruck. (to
the original material)
- Microsoft
Exchange bug abused to hack building
automation systems. (to
the original material)
- LockBit 3.0
introduces the first ransomware bug bounty
program. (to
the original material)
- Carnival
fined US$5m for cyber security violations. (to
the original material)
26.06.2022
- News
from cyber security.
- LGBTQ+
community warned of extortionists abusing
dating apps. (to
the original material)
- Fake
copyright infringement emails install LockBit
ransomware. (to
the original material)
- Clever
phishing method bypasses MFA using Microsoft
WebView2 apps. (to
the original material)
- NetSec
Goggle shows search results only from
cybersecurity sites. (to
the original material)
25.06.2022
- News
from cyber security.
- PyPi python
packages caught sending stolen AWS keys to
unsecured sites. (to
the original material)
- Automotive
fabric supplier TB Kawashima announces
cyberattack. (to
the original material)
24.06.2022
- News
from cyber security.
- The Annual
Privacy Forum (APF) celebrates its first 10
years, as the links between privacy protection
& cybersecurity continue to grow. (to
the original material)
- Citrix
releases security updates for Hypervisor. (to
the original material)
- Attackers
still exploit Log4Shell on VMware Horizon
servers, CISA warns. (to
the original material)
- New infosec
products of the week: June 24, 2022. (to
the original material)
- How
companies are prioritizing infosec and
compliance. (to
the original material)
- Risky
behavior reduced when executives put focus on
identity security. (to
the original material)
- Despite
known security issues, VPN usage continues to
thrive. (to
the original material)
- The Week in
Ransomware - June 24th 2022 - Splinter Cells.
(to
the original material)
- Mitel
zero-day used by hackers in suspected
ransomware attack. (to
the original material)
- CafePress
fined $500,000 for breach affecting 23 million
users. (to
the original material)
- Fast Shop
Brazilian retailer discloses "extortion"
cyberattack. (to
the original material)
- Conti
ransomware finally shuts down data leak,
negotiation sites. (to
the original material)
- Threat
Roundup for June 17 to June 24. (to
the original material)
- Qld gov
proposes mandatory data breach reporting for
agencies. (to
the original material)
- Critical
Splunk bug propagates code execution. (to
the original material)
- Researchers
hacked Oracle servers to demo serious
vulnerability. (to
the original material)
- Don't
remove PowerShell: US, UK and NZ security
agencies. (to
the original material)
- Threat
actors worked with ISPs to plant malware from
Italian spyware vendor. (to
the original material)
- EFF's
Statement on Dobbs Abortion Ruling. (to
the original material)
23.06.2022
- News
from cyber security.
-
Cybersecurity News
of the Week
(23.06.2022). (to
the original
material)
-
Press Release: The
European
Cybersecurity
Competence Centre
Governing Board
meets for the
first time in
Bucharest. (to
the original
material)
-
Malicious cyber
actors continue to
exploit Log4Shell
in VMware Horizon
Systems. (to
the original
material)
-
CISA releases
Cloud Security
Technical
Reference
Architecture. (to
the original
material)
- Conti
effectively created an extortion-oriented IT
company, says Group-IB. (to
the original material)
- Automotive
hose manufacturer hit by ransomware, shuts
down production control system. (to
the original material)
- Attack
methods using hybrid bots enable criminals to
open mule accounts at scale. (to
the original material)
- Rate of IT
security incidents grows with company size. (to
the original material)
- Security
pros increasingly plan to adopt MDR (Managed
Detection and
Response)
services in the next 12 months. (to
the original material)
- Scalper
bots out of control in Israel, selling state
appointments. (to
the original material)
- CISA:
Log4Shell exploits still being used to hack
VMware servers. (to
the original material)
- Spyware
vendor works with ISPs to infect iOS and
Android users. (to
the original material)
- Lithuania
warns of rise in DDoS attacks against
government sites. (to
the original material)
- Malicious
Windows 'LNK' attacks made easy with new
Quantum builder. (to
the original material)
- Automotive
hose maker Nichirin hit by ransomware attack.
(to
the original material)
- Chinese
hackers use ransomware as decoy for cyber
espionage. (to
the original material)
- New
MetaMask phishing campaign uses KYC lures to
steal passphrases. (to
the original material)
- Conti
ransomware hacking spree breaches over 40 orgs
in a month. (to
the original material)
- The
Bipartisan Digital Advertising Act would break
up big trackers. (to
the original material)
- Security
and privacy tips for people seeking an
abortion. (to
the original material)
- 2021 Threat
Report Webinar. (to
the original material)
22.06.2022
- News
from cyber security.
- Successful
conclusion to the 3 day workshop: The role of
the EU’s Cyber Ecosystem in the global cyber
security stability. (to
the original material)
- Google
releases security updates for Chrome. (to
the original material)
- CISA
releases security advisories related to
OT:ICEFALL (Insecure by Design) Report. (to
the original material)
- Keeping
PowerShell: Measures to use and embrace. (to
the original material)
- 7 DevSecOps
myths and how to overcome them. (to
the original material)
- How to keep
your NFTs safe from scammers. (to
the original material)
- The price
of stolen info: Everything on sale on the dark
web. (to
the original material)
- Webinar:
What’s trending in email security? (to
the original material)
- Critical
PHP flaw exposes QNAP NAS devices to RCE
attacks. (to
the original material)
- In
fast-paced identity space, Kantara Initiative
ensures trust isn’t left in the dust. (to
the original material)
- Questions
over Cyber Command support, operations raised
in defense authorization bill. (to
the original material)
- For pharma,
big profits don’t always translate to
effective cybersecurity resources. (to
the original material)
- Updated
Emotet banking trojan more effective,
proliferates through Excel macros. (to
the original material)
- Microsoft
demos SSI open standards at Identiverse: ‘This
is the power of standards’. (to
the original material)
- How
properly implemented zero trust will help when
it’s time for incident response. (to
the original material)
- Researchers
disclose cloud vulnerability of accounting
firm Moss Adams. (to
the original material)
- Customer
communications key to Salesforce’s mandatory
MFA edict. (to
the original material)
- NSA shares
tips on securing Windows devices with
PowerShell. (to
the original material)
- Chinese
hackers target script kiddies with
info-stealer trojan. (to
the original material)
- Microsoft:
Russia stepped up cyberattacks against
Ukraine’s allies. (to
the original material)
- MEGA fixes
critical flaws that allowed the decryption of
user data. (to
the original material)
- Critical
PHP flaw exposes QNAP NAS devices to RCE
attacks. (to
the original material)
- Adelaide
council rules out facial recognition on city
CCTV network. (to
the original material)
- Westlaw
must face Antitrust claims in a case that
could boost competitive compatibility. (to
the original material)
21.06.2022
- News
from cyber security.
- Researchers
disclose 56 vulnerabilities impacting
thousands of OT devices. (to
the original material)
- Fake
voicemail notifications are after Office365,
Outlook credentials. (to
the original material)
- How the
blurring of the “supply chain” opens your
doors to attackers - and how you can close
them. (to
the original material)
- After being
breached once, many companies are likely to be
hit again. (to
the original material)
- Solution to
cybersecurity skills gap largely sits with
hiring practices. (to
the original material)
- Yodel
parcel company confirms cyberattack is
disrupting delivery. (to
the original material)
- 7-zip now
supports Windows ‘Mark-of-the-Web’ security
feature. (to
the original material)
- Russian
govt hackers hit Ukraine with Cobalt Strike,
CredoMap malware. (to
the original material)
- Adobe
Acrobat may block antivirus tools from
monitoring PDF files. (to
the original material)
- Phishing
gang behind millions in losses dismantled by
police. (to
the original material)
- Microsoft
Exchange servers hacked by new ToddyCat APT
gang. (to
the original material)
- Icefall: 56
flaws impact thousands of exposed industrial
devices. (to
the original material)
- Feds dole
out another $100 million in cloud, security
investments for agencies. (to
the original material)
- Avos
ransomware group expands with new attack
arsenal. (to
the original material)
- Victory!
Court rules that DMCA does not override First
Amendment’s anonymous speech protections. (to
the original material)
- When
“Jawboning” creates private liability. (to
the original material)
- Pass the
"My Body, My Data" Act. (to
the original material)
- Daycare
Apps are dangerously insecure. (to
the original material)
- Interview
with Michał Kasprzak – TraceRoute42. (to
the original material)
- Tips for
WP-Config & How to avoid sensitive data
exposure. (to
the original material)
20.06.2022
- News
from cyber security.
- Hats off to
Team Europe - Winners of the 1st International
Cybersecurity Challenge! (to
the original material)
-
Vulnerability summary for the Week of June 13,
2022. (to
the original material)
- QNAP NAS
devices hit by DeadBolt and ech0raix
ransomware. (to
the original material)
- How to
properly adopt and manage Kubernetes in
production. (to
the original material)
- Board
members and the C-suite need secure
communication tools. (to
the original material)
- How tool
sprawl is becoming a common issue for SMEs. (to
the original material)
- Data
recovery depends on how good your backup
strategy is. (to
the original material)
- Increased
security driving investments in cloud
computing. (to
the original material)
- New
DFSCoerce NTLM Relay attack allows Windows
domain takeover. (to
the original material)
- Flagstar
Bank discloses data breach impacting 1.5
million customers. (to
the original material)
- New
'BidenCash' site sells your stolen credit card
for just 15 cents. (to
the original material)
- Microsoft
365 credentials targeted in new fake voicemail
campaign. (to
the original material)
- SA Police
ignores Adelaide council plea for facial
recognition ban on CCTV. (to
the original material)
19.06.2022
- News
from cyber security.
- Week in
review: Microsoft fixes Follina, cybersecurity
pros quitting, (IN)SECURE Magazine RSAC 2022.
(to
the original material)
- Google
Chrome extensions can be fingerprinted to
track you online. (to
the original material)
-
Android-wiping BRATA malware is evolving into
a persistent threat. (to
the original material)
18.06.2022
- News
from cyber security.
- eCh0raix
ransomware starts targeting QNAP NAS devices
again. (to
the original material)
- Wave of
'Matanbuchus' spam is infecting devices with
Cobalt Strike. (to
the original material)
- 8 Ways to
prevent replay attacks. (to
the original material)
17.06.2022
- News
from cyber security.
- Criminal IP
analysis report on zero-day vulnerability in
Atlassian Confluence. (to
the original material)
- New infosec
products of the week: June 17, 2022. (to
the original material)
- How
financial institutions are improving customer
experience with fraud prevention measures. (to
the original material)
- Cyber
criminals continue to target and exploit
people. (to
the original material)
- Fraud
trends and scam tactics consumers should be
aware of. (to
the original material)
- The Week in
Ransomware - June 17th 2022 - Have I Been
Ransomed? (to
the original material)
- Cisco says
it won’t fix zero-day RCE in end-of-life VPN
routers. (to
the original material)
- Russian
RSocks botnet disrupted after hacking millions
of devices. (to
the original material)
- QNAP
'thoroughly investigating' new DeadBolt
ransomware attacks. (to
the original material)
- Threat
Roundup for June 10 to June 17. (to
the original material)
- EFF warns
another Court about the dangers of broad
site-blocking orders. (to
the original material)
16.06.2022
- News
from cyber security.
-
Cybersecurity News of the Week (16.06.2022). (to
the original material)
- DNSC,
Cyberint and ANSSI launch registrations for
the National Cyber Security Championship
(RoCSC22). (to
the original material)
- CISA
Requests Public Comment on CISA’s TIC 3.0
Cloud Use Case. (to
the original material)
- Cisco
releases security updates for multiple
products. (to
the original material)
- Zero trust
adoption: Industry-specific challenges and
implementation strategies. (to
the original material)
- 72% of
middle market companies expect to experience a
cyberattack. (to
the original material)
- The
challenges of managing increased complexity as
hybrid IT accelerates. (to
the original material)
- The future
is passwordless. What’s slowing it down? (to
the original material)
- Sophos
Firewall zero-day bug exploited weeks before
fix. (to
the original material)
- iCloud
hacker gets 9 years in prison for stealing
nude photos. (to
the original material)
- New MaliBot
Android banking malware spreads as a crypto
miner. (to
the original material)
- 730K
WordPress sites force-updated to patch
critical plugin bug. (to
the original material)
- Anker Eufy
smart home hubs exposed to RCE attacks by
critical flaw. (to
the original material)
- New
cloud-based Microsoft Defender for home now
generally available. (to
the original material)
- MetaMask,
Phantom warn of flaw that could steal your
crypto wallets. (to
the original material)
- Revisit
your password policies to retain PCI
compliance. (to
the original material)
- Microsoft
Office 365 feature can help cloud ransomware
attacks. (to
the original material)
- Border
Force searched more than 40,000 devices in
five years. (to
the original material)
- Threat
Source newsletter (June 16, 2022) — Three top
takeaways from Cisco Live. (to
the original material)
- WooCommerce
Credit Card Skimmer uses Telegram Bot to
exfiltrate stolen data. (to
the original material)
15.06.2022
- News
from cyber security.
-
Ransomware gang (Alphv group alias
BlackCat) publishes stolen victim data
on the public Internet. (to
the original material)
- Mind the
gap: How to ensure your vulnerability
detection methods are up to scratch. (to
the original material)
- Cloud
computing top concerns: The focus is
shifting. (to
the original material)
- How
confident are IT pros in the security of
their organization’s supply chain? (to
the original material)
- Phishing
reaches all-time high in early 2022. (to
the original material)
- Hackers
exploit three-year-old Telerik flaws to
deploy Cobalt Strike. (to
the original material)
- Cisco
Secure Email bug can let attackers bypass
authentication. (to
the original material)
- Zimbra
bug allows stealing email logins with no
user interaction (to
the original material)
- Extortion
gang ransoms Shoprite, largest supermarket
chain in Africa. (to
the original material)
- Citrix
warns critical bug can let attackers reset
admin passwords. (to
the original material)
- Interpol
seizes $50 million, arrests 2000 social
engineers. (to
the original material)
- New
peer-to-peer botnet infects Linux servers
with cryptominers. (to
the original material)
-
Microsoft: June Windows Server updates may
cause backup issues. (to
the original material)
- Thousands
of GitHub, AWS, Docker tokens exposed in
Travis CI logs. (to
the original material)
- The Great
Resignation has intensified insider security
threats. (to
the original material)
- Security:
Understanding the fundamentals of
governance, risk & compliance. (to
the original material)
- Microsoft
patched Azure bugs without notifying users,
Tenable claims. (to
the original material)
- Critical
vulnerabilities found in Powertek
distribution units. (to
the original material)
- Microsoft
patches exploited 'Follina' remote code exec
bug. (to
the original material)
- Canada
wants companies to report cyber attacks. (to
the original material)
-
Vulnerability Spotlight: Vulnerabilities in
Anker Eufy Homebase could lead to code
execution, authentication bypass. (to
the original material)
- Facebook
says Apple is too powerful. They're right. (to
the original material)
- Stop this
California Bill that bans affordable
broadband rules. (to
the original material)
14.06.2022
- News
from cyber security.
- Adobe
releases security updates for multiple
products. (to
the original material)
- SAP
releases June 2022 security updates. (to
the original material)
- CISA
adds one known exploited vulnerability to
catalog . (to
the original material)
- Citrix
releases security updates for Application
Delivery Management. (to
the original material)
-
Microsoft releases June 2022 security
updates. (to
the original material)
-
Microsoft fixes Follina and 55 other CVEs.
(to
the original material)
-
(IN)SECURE Magazine: RSAC 2022 special
issue released. (to
the original material)
- Is your
organization ready for Internet Explorer
retirement? (to
the original material)
- Once is
never enough: The need for continuous
penetration testing. (to
the original material)
- SaaS
security: How to avoid “death by 1000
apps”. (to
the original material)
- Only
10% of vulnerabilities are remediated each
month. (to
the original material)
- Why do
organizations need to prioritize
ransomware preparedness? (to
the original material)
- Strong
passwords still a priority strategy for
enterprises. (to
the original material)
-
Ransomware gang creates site for employees
to search for their stolen data. (to
the original material)
- New
Hertzbleed side-channel attack affects
Intel, AMD CPUs. (to
the original material)
- Android
malware on the Google Play Store gets 2
million downloads. (to
the original material)
-
Microsoft patches actively exploited
Follina Windows zero-day. (to
the original material)
-
Microsoft June 2022 Patch Tuesday fixes 1
zero-day, 55 flaws. (to
the original material)
- Owner
of ‘DownThem’ DDoS service gets 2 years in
prison. (to
the original material)
- Firefox
now blocks cross-site tracking by default
for all users. (to
the original material)
-
Cloudflare mitigates record-breaking HTTPS
DDoS attack. (to
the original material)
- UTS
(University of Technology Sydney) to
create secure research hub at Tech
Central. (to
the original material)
-
Microsoft Patch Tuesday for June 2022 —
Snort rules and prominent vulnerabilities.
(to
the original material)
-
Victory! New York’s vaccine privacy bill
heads to Governor’s desk. (to
the original material)
- Senator
declares Amazon Ring's Audio Surveillance
capabilities "Threaten the Public". (to
the original material)
- EFF
urges Congress to strengthen the American
Data Privacy and Protection Act. (to
the original material)
- What is
a Scam? (to
the original material)
13.06.2022
- News
from cyber security.
-
Drupal releases security updates. (to
the original material)
-
Vulnerability summary for the week of
June 6, 2022. (to
the original material)
-
Metasploit 6.2.0 comes with 138 new
modules, 148 enhancements and features.
(to
the original material)
-
Microsoft helps prevent lateral movement
from compromised unmanaged devices. (to
the original material)
- API
security warrants its own specific
solution. (to
the original material)
-
Businesses are leaving bot attacks
unchallenged for almost four months. (to
the original material)
-
Increased cloud complexity needs
stronger cybersecurity. (to
the original material)
- 45%
of cybersecurity pros are considering
quitting the industry due to stress. (to
the original material)
-
Kaiser Permanente data breach exposes
health data of 69K people. (to
the original material)
-
Gallium hackers backdoor finance, govt
orgs using new PingPull malware
-
Hackers clone Coinbase, MetaMask mobile
wallets to steal your crypto. (to
the original material)
-
Metasploit 6.2.0 improves credential
theft, SMB support features, more. (to
the original material)
-
Microsoft: Exchange servers hacked to
deploy BlackCat ransomware. (to
the original material)
- New
Syslogk Linux rootkit uses magic packets
to trigger backdoor. (to
the original material)
-
Russian hackers start targeting Ukraine
with Follina exploits. (to
the original material)
- How
the Federal Government buys our cell
phone location data. (to
the original material)
- EFF’s
Flagship Jewel v. NSA Dragnet Spying
Case rejected by the Supreme Court. (to
the original material)
- PIA
is leaving India due to data collection
directive. (to
the original material)
- Week
in review: Follina exploit delivers Qbot
malware, Patch Tuesday forecast, RSAC
2022. (to
the original material)
- PyPI
package 'keep' mistakenly included a
password stealer. (to
the original material)
- New
Vytal Chrome extension hides location
info that your VPN can't. (to
the original material)
- Hello
XD ransomware now drops a backdoor while
encrypting. (to
the original material)
11.06.2022
- News
from cyber security.
-
WiFi probing exposes smartphone users
to tracking, info leaks. (to
the original material)
-
Confluence servers hacked to deploy
AvosLocker, Cerber2021 ransomware. (to
the original material)
10.06.2022
- News
from cyber security.
-
Considerations for ensuring the
physical and cyber security of the
electricity sub-sector. (to
the original material)
-
Google releases security updates for
Chrome. (to
the original material)
-
Researchers unearth highly evasive
“parasitic” Linux malware. (to
the original material)
-
June 2022 Patch Tuesday forecast:
Internet Explorer fades into the
sunset. (to
the original material)
-
New infosec products of the week:
June 10, 2022. (to
the original material)
-
Only 43% of security pros can
respond to critical alerts in less
than an hour. (to
the original material)
-
Using the random motion of
electrons to improve
cybersecurity. (to
the original material)
-
The Week in Ransomware - June 10th
2022 - Targeting Linux. (to
the original material)
-
New PACMAN hardware attack targets
Macs with Apple M1 CPUs. (to
the original material)
-
Iranian hackers target energy
sector with new DNS backdoor. (to
the original material)
-
Hackers exploit recently patched
Confluence bug for cryptomining. (to
the original material)
-
WA gov expands Microsoft
enterprise agreement. (to
the original material)
-
IBM workflow analysis software
beset by bugs. (to
the original material)
-
Cyber basics still beyond fed gov
as Essential Eight mandate looms.
(to
the original material)
-
Australian organizations targeted
by Aoqin Dragon hackers for a
decade. (to
the original material)
09.06.2022
- News
from cyber security.
-
Press release: Directorate
participates in Cyber Europe
2022 cyber exercise testing
European health sector resilience.
(to
the original material)
-
Cybersecurity News of the Week
(09.06.2022). (to
the original material)
-
Cyber Europe 2022: Testing the
resilience of the European
Healthcare Sector. (to
the original material)
-
CISA adds three known exploited
vulnerabilities to Catalog. (to
the original material)
-
Summer holiday season fuels
upswing of travel-themed spam. (to
the original material)
-
The most common exploit paths
enterprises leave open for
attackers. (to
the original material)
-
Getting to grips with SaaS
security. (to
the original material)
-
Top three most critical areas of
web security. (to
the original material)
-
Healthcare is most likely to pay
the ransom. (to
the original material)
-
Only 13.5% of IT pros have
mastered security in the cloud
native space, (to
the original material)
-
Roblox Game Pass store used to
sell ransomware decryptor. (to
the original material)
-
Microsoft Defender now isolates
hacked, unmanaged Windows devices.
(to
the original material)
-
Vice Society ransomware claims
attack on Italian city of Palermo.
(to
the original material)
-
Dark web sites selling alleged
Western weapons sent to Ukraine. (to
the original material)
-
New Symbiote malware infects all
running processes on Linux
systems. (to
the original material)
-
Chinese hacking group Aoqin Dragon
quietly spied orgs for a decade. (to
the original material)
-
icare still waiting on leaked
workers' comp data to be deleted.
(to
the original material)
-
Apple defeats class action over
Meltdown, Spectre vulns. (to
the original material)
-
HTTP/3 becomes a standard, at
last. (to
the original material)
-
Threat Source newsletter (June 9,
2022) - Get ready for Cisco Live.
(to
the original material)
-
Talos EMEA monthly update:
Business email compromise. (to
the original material)
-
How to protect your email - Stay
safe from spam, malware, and
online attacks. (to
the original material)
-
Smilodon Credit Card skimming
malware shifts to WordPress. (to
the original material)
08.06.2022
-
News from cyber security.
-
CISA adds 36 known exploited
vulnerabilities to Catalog. (to
the original material)
-
Qbot – known channel for
ransomware – delivered via
phishing and Follina exploit. (to
the original material)
-
Intruder dwell time jumps 36%. (to
the original material)
-
Recovery and resilience: CISO
insights into the 2022
cybersecurity landscape. (to
the original material)
-
Barely one-third of IT pros can
vet code for tampering. (to
the original material)
-
Pandemic-related identity fraud:
How serious is it? (to
the original material)
-
Zero trust segmentation eliminates
5 cyber disasters per year and
saves $20+ million annually. (to
the original material)
-
OffSec (Offensive
Security) to stream Kali
Linux penetration testing course
on Twitch. (to
the original material)
-
Massive Facebook Messenger
phishing operation generates
millions. (to
the original material)
-
Linux botnets now exploit critical
Atlassian Confluence bug. (to
the original material)
-
Emotet malware now steals credit
cards from Google Chrome users. (to
the original material)
-
Cuba ransomware returns to
extorting victims with updated
encryptor. (to
the original material)
-
Poisoned CCleaner search results
spread information-stealing
malware. (to
the original material)
-
US agencies accuse China of
attacking telcos and network
providers. (to
the original material)
-
Microsoft won't fix 'Dogwalk'
zero-day from 2020. (to
the original material)
-
Platform liability trends around
the globe: Moving forward. (to
the original material)
-
Mandatory Student Spyware is
creating a perfect storm of Human
Rights Abuses. (to
the original material)
-
The EU's new message-scanning
Regulation must be stopped. (to
the original material)
-
How to delete your saved passwords
on any browser in less than 5
minutes. (to
the original material)
07.06.2022
-
News from cyber security.
-
People’s Republic of China
state-sponsored cyber actors
exploit network providers and
devices. (to
the original material)
-
Owl Labs releases security
updates for Meeting Owl Pro and
Whiteboard Owl. (to
the original material)
-
CISA provides criteria and
process for updates to the KEV
Catalog. (to
the original material)
-
Apple unveils passkeys for
passwordless authentication to
apps and websites. (to
the original material)
-
Attackers aren’t slowing down,
here’s what researchers are
seeing. (to
the original material)
-
Turning the tables on cyber
attackers. (to
the original material)
-
Ransomware attacks setting new
records. (to
the original material)
-
Boards, CEOs demand software
supply chain security
improvements. (to
the original material)
-
Business fit report: Echoworx
Email Encryption. (to
the original material)
-
Surfshark, ExpressVPN pull out
of India over data retention
laws. (to
the original material)
-
US seizes SSNDOB market for
selling personal info of 24
million people. (to
the original material)
-
US: Chinese govt hackers
breached telcos to snoop on
network traffic. (to
the original material)
-
New SVCReady malware loads from
Word doc properties. (to
the original material)
-
Qbot malware now uses Windows
MSDT zero-day in phishing
attacks. (to
the original material)
-
Linux version of Black Basta
ransomware targets VMware ESXi
servers. (to
the original material)
-
New ‘DogWalk’ Windows zero-day
bug gets free unofficial
patches. (to
the original material)
-
Online gun shops in the US
hacked to steal credit cards. (to
the original material)
-
Shields Health Care Group data
breach affects 2 million
patients. (to
the original material)
-
Why Netflix isn't the only one
bummed about password sharing. (to
the original material)
-
Android June 2022 updates bring
fix for critical RCE
vulnerability. (to
the original material)
-
Law firm mulls class action over
NDIS software provider data
breach. (to
the original material)
-
How to turn digital complexity
into competitive advantage. (to
the original material)
-
NAB automates DR management to
recover its systems faster. (to
the original material)
-
Your resistance pauses Axon’s
Dangerous Drone Tasers. (to
the original material)
-
When DRM comes for your
wheelchair. (to
the original material)
-
It takes 2 seconds of silence to
skim a credit card. (to
the original material)
06.06.2022
-
News from cyber security.
-
Cybersecurity Certification:
breaking new ground. (to
the original material)
-
Qualys VMDR 2.0 with TruRisk:
Taking vulnerability
management to the next level.
(to
the original material)
-
Healthcare-specific
cybersecurity problems and how
to address them. (to
the original material)
-
Intelligence must drive
strategic decisions. (to
the original material)
-
Four steps to successful
empathetic investigations. (to
the original material)
-
The costs and damages of DNS
attacks. (to
the original material)
-
The Intigriti Ethical Hacker
Survey 2022. (to
the original material)
-
QBot now pushes Black Basta
ransomware in bot-powered
attacks. (to
the original material)
-
Mandiant: “No evidence” we
were hacked by LockBit
ransomware. (to
the original material)
-
Ransomware gangs now give
victims time to save their
reputation. (to
the original material)
-
Windows zero-day exploited in
US local govt phishing
attacks. (to
the original material)
-
Italian city of Palermo shuts
down all systems to fend off
cyberattack. (to
the original material)
-
Former PJCIS chair named
shadow cyber security
minister. (to
the original material)
-
Click Studios revokes digital
cert used by 'Follina' dropped
malware. (to
the original material)
-
Speech-Related offenses should
be excluded from the proposed
UN Cybercrime Treaty. (to
the original material)
05.06.2022
-
News from cyber security.
-
Week in review: Macro-less
Office documents zero-day
bug, FluBot takedown,
growing DDoS threats. (to
the original material)
-
Exploit released for
Atlassian Confluence RCE
bug, patch now. (to
the original material)
-
Evasive phishing mixes
reverse tunnels and URL
shortening services. (to
the original material)
04.06.2022
-
News from cyber security.
-
Bored Ape Yacht Club,
Otherside NFTs stolen in
Discord server hack. (to
the original material)
-
Apple blocked 1.6 millions
apps from defrauding users
in 2021. (to
the original material)
-
SMSFactory Android malware
sneakily subscribes to
premium services. (to
the original material)
03.06.2022
-
News from cyber
security.
- Threat Advisory: Atlassian Confluence zero-day vulnerability under active exploitation. (to the original material)
-
CISA releases security
advisory on Dominion
Voting Systems Democracy
Suite ImageCast X. (to
the original material)
-
Atlassian releases new
versions of Confluence
Server and Data Center
to address
CVE-2022-26134. (to
the original material)
-
Attackers are leveraging
Follina. What can you
do? (to
the original material)
-
Unpatched Atlassian
Confluence zero-day
exploited, fix expected
today (CVE-2022-26134).
(to
the original material)
-
New infosec products of
the week: June 3, 2022.
(to
the original material)
-
40% of enterprises don’t
include
business-critical
systems in their
cybersecurity
monitoring. (to
the original material)
-
Intelligence is key to
strategic business
decisions. (to
the original material)
-
The Week in Ransomware -
June 3rd 2022 - Evading
sanctions. (to
the original material)
-
Novartis says no
sensitive data was
compromised in
cyberattack. (to
the original material)
-
WatchDog hacking group
launches new Docker
cryptojacking campaign.
(to
the original material)
-
Atlassian fixes
Confluence zero-day
widely exploited in
attacks. (to
the original material)
-
Americans report losing
over $1 billion to
cryptocurrency scams. (to
the original material)
-
Microsoft disrupts
Bohrium hackers’
spear-phishing
operation. (to
the original material)
-
GitLab security update
fixes critical account
take over flaw. (to
the original material)
-
No patch for actively
exploited Atlassian
Confluence zero-day. (to
the original material)
- Threat Advisory: Atlassian Confluence zero-day vulnerability under active exploitation. (to the original material)
-
Threat Roundup for May
27 to June 3. (to
the original material)
-
EFF to Inter-American
Court of Human Rights:
Colombia’s Surveillance
of Human
Rights-Defending Lawyers
Group Violated
International Law. (to
the original material)
-
Axon Must Not Arm Drones
with Tasers. (to
the original material)
-
San Francisco Police
nailed for violating
public records laws
regarding face
recognition and Fusion
Center documents. (to
the original material)
02.06.2022
-
News from cyber
security.
-
Cybersecurity News of
the Week (02.06.2022).
(to
the original
material)
-
Atlassian releases
security advisory for
Confluence Server and
Data Center,
CVE-2022-26134. (to
the original
material)
-
CISA adds one known
exploited
vulnerability
(CVE-2022-26134) to
Catalog. (to
the original
material)
-
CISA releases security
advisory on Illumina
Local Run Manager. (to
the original
material)
-
CISA updates advisory
on threat actors
chaining unpatched
VMware
vulnerabilities. (to
the original
material)
-
Microsoft Office apps
are vulnerable to IDN
homograph attacks. (to
the original
material)
-
Concentric’s AI
technologies simplify
and automate data
security. (to
the original
material)
-
How to support women
in cybersecurity. (to
the original
material)
-
Massive shadow code
risk for world’s
largest businesses. (to
the original
material)
-
Language-based BEC
attacks rising. (to
the original
material)
-
Autonomous vehicles
can be tricked into
erratic driving
behavior. (to
the original
material)
-
Critical Atlassian
Confluence zero-day
actively used in
attacks. (to
the original
material)
-
Top 10 Android banking
trojans target apps
with 1 billion
downloads. (to
the original
material)
-
Evil Corp switches to
LockBit ransomware to
evade sanctions. (to
the original
material)
-
Ransomware gang now
hacks corporate
websites to show
ransom notes. (to
the original
material)
-
Microsoft blocks
Polonium hackers from
using OneDrive in
attacks. (to
the original
material)
-
Chinese LuoYu hackers
deploy cyber-espionage
malware via app
updates. (to
the original
material)
-
Conti ransomware
targeted Intel
firmware for stealthy
attacks. (to
the original
material)
-
Clipminer malware gang
stole $1.7M by
hijacking crypto
payments. (to
the original
material)
-
Foxconn confirms
ransomware attack
disrupted production
in Mexico. (to
the original
material)
-
Global police
operation takes down
Flubot infrastructure.
(to
the original
material)
-
NSW public insurer
icare privacy bungle
hits 193,000 people. (to
the original
material)
-
Threat Source
newsletter (June 2,
2022) - An RSA
Conference primer. (to
the original
material)
-
Analysis of the
massive NDSW/NDSX
malware campaign. (to
the original
material)
01.06.2022
-
News from cyber
security.
-
Mozilla releases
security updates for
Firefox, Firefox
ESR, and
Thunderbird. (to
the original
material)
-
Karakurt data
extortion group. (to
the original
material)
-
FluBot takedown: Law
enforcement takes
control of Android
spyware’s
infrastructure. (to
the original
material)
-
Paving your path to
SASE: 4 tips for
achieving
connectivity and
security. (to
the original
material)
-
How cybercriminals
are targeting
executives at home
and their families.
(to
the original
material)
-
DDoS threats growing
in sophistication,
size, and frequency.
(to
the original
material)
-
Contactless is
reigning: Consumers
can’t even remember
their PIN. (to
the original
material)
-
Infosec products of
the month: May 2022.
(to
the original
material)
-
New Windows Search
zero-day added to
Microsoft protocol
nightmare. (to
the original
material)
-
Hundreds of
Elasticsearch
databases targeted
in ransom attacks. (to
the original
material)
-
FBI seizes domains
used to sell stolen
data, DDoS services.
(to
the original
material)
-
US govt: Paying
Karakurt extortion
ransoms won’t stop
data leaks. (to
the original
material)
-
RuneScape phishing
steals accounts and
in-game item bank
PINs. (to
the original
material)
-
Windows MSDT
zero-day
vulnerability gets
free unofficial
patch. (to
the original
material)
-
FluBot Android
malware operation
shutdown by law
enforcement. (to
the original
material)
-
SideWinder hackers
plant fake Android
VPN app in Google
Play Store. (to
the original
material)
-
Ransomware attacks
need less than four
days to encrypt
systems. (to
the original
material)
-
Telegram’s blogging
platform abused in
phishing attacks. (to
the original
material)
-
Google open sources
data centre scale
encryption. (to
the original
material)
-
Threat Advisory:
Zero-day
vulnerability in
Microsoft diagnostic
tool MSDT could lead
to code execution. (to
the original
material)
-
New York: Tell Your
Assembly members to
Pass This Landmark
Repair Bill. (to
the original
material)
-
Platform Liability
Trends Around the
Globe: Recent
Noteworthy
Developments. (to
the original
material)
Archive:
Source:
Note Dorin M.
This site has a double
form, one in HTML and one in Joomla (if you are interested
in the utility behind this effort you can read the "Why
a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
Dorin M - May 31, 2022