Weekly Top Ten Cybersecurity Stories – 5.20.2022 – Innovate Cybersecurity

WEEKLY TOP TEN | MAY 20, 2022 14:00 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

CISA Orders Emergency Patch of VMWare CVE-2022-22972 and 22973
https://securityaffairs.co/wordpress/131436/security/cisa-orders-federal-agencies-to-vmware-flaws.html
CISA Removes CVE-2022-26925 From Catalog After Discovering Flaw in Domain Controller Installations
https://www.cisa.gov/uscert/ncas/current-activity/2022/05/13/cisa-temporarily-removes-cve-2022-26925-known-exploited
CISA Discloses Routinely Exploited Threat Actor Initial Access Techniques
https://www.cisa.gov/uscert/ncas/alerts/aa22-137a
Security Researchers Discover Flaw in Bluetooth Physical Architecture Allowing for Compromise Even if Turned Off
https://securityaffairs.co/wordpress/131336/hacking/malware-execution-iphone-turned-off.html
Microsoft Warns Sysrv-K Botnet Abusing WordPress Vulnerabilities and VMWare Spring Cloud CVE to Propagate
https://www.zdnet.com/article/microsoft-warns-this-botnet-has-new-tricks-to-target-linux-and-windows-systems/
CISA Adds CVE-2022-30525 Vulnerability for Zyxel Firewall to Catalog
https://thehackernews.com/2022/05/watch-out-hackers-begin-exploiting.html
Jamf Threat Labs Team Discovers Variant of MacOS Malware “UpdateAgent” Written in Swift
https://securityaffairs.co/wordpress/131391/malware/updateagent-macos-malware-swift.html
Microsoft Warns of Threat Actors Abusing SQLPS to Brute Force Externally-Facing MSSQL Server Databases
https://www.techradar.com/news/brute-force-attacks-targeting-mssql-servers-microsoft-warns
Italian Security Researchers Report That APT Groups Overwhelmingly Utilize Existing Vulnerabilities Over Zero Day Exploits
https://threatpost.com/apts-overwhelmingly-share-known-vulnerabilities-rather-than-attack-o-days/179657/
PRODAFT Intelligence Team Performs Deep Dive on WIZARD SPIDER Technical Playbook
https://www.zdnet.com/article/wizard-spider-hacking-group-hires-cold-callers-to-scare-ransomware-victims-into-paying-up/

Hand-Picked Top-Read Stories

The Risks of Cybersecurity Vulnerabilities: How They’re Impacting Public Utilities

Why is DDoS Still So Effective After 20 Years?

Weekly Top 10: 12.16.2024: OpenWrt Flaw Allows Distribution of Malicious Firmware; Vulnerability in WPForms Allows for Arbitrary Stripe Refunds; AuthQuake Attack Allows MFA Bypass for Microsoft Accounts, and More.

Trending Tags

Weekly Top Ten Cybersecurity Stories – 5.20.2022

Previous Post

May 2022 Windows Patches Could Cause Auth Issues On Domain Controllers

Next Post

Avoiding Common Incident Response Pitfalls

Threat Advisories

Weekly Top 10: 12.16.2024: OpenWrt Flaw Allows Distribution of Malicious Firmware; Vulnerability in WPForms Allows for Arbitrary Stripe Refunds; AuthQuake Attack Allows MFA Bypass for Microsoft Accounts, and More.

Weekly Top 10: 12.9.2024: New Windows Zero-Day Exposes NTLM Credentials, Gets Unofficial Patch; Supply Chain Attack Detected in Solana’s web3.js Library; Snowblind: The Invisible Hand of Secret Blizzard, and More.

Weekly Top 10: 11.25.2024: Critical Flaw in End-of-Life D-Link VPN Routers; Actively Exploited RCE Flaw Impacting VMware vCenter; Russian Linked Threat Actor Linked in Cyber Espionage Campaign, and More.

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware