WEEKLY TOP TEN | AUGUST 5, 2022 14:25 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- Cisco Patches Several High-Severity Vulnerabilities Affecting Small Business VPN Routers
https://securityaffairs.co/wordpress/133984/security/cisco-small-business-vpn-routers-flaws.html
- LockBit 3.0 Utilizing Living Off the Land (LOLBIN) Technique to Bypass Defender and Load Cobalt Strike Beacons
https://www.sentinelone.com/blog/living-off-windows-defender-lockbit-ransomware-sideloads-cobalt-strike-through-microsoft-security-tool/
- Threat Actor Abusing Atlassian Confluence Vulnerability to Deploy Cryptominer and Novel Backdoor
https://thehackernews.com/2022/08/hackers-exploited-atlassian-confluence.html
- GitHub Removes Over 35,000 Malware-laced Clones Masquerading as Common Repos
https://www.bleepingcomputer.com/news/security/35-000-code-repos-not-hacked-but-clones-flood-github-to-serve-malware/
- Cyble Warns of Increasing Rate of “Stegomalware” Deploying in Low Detection Rate Files
https://blog.cyble.com/2022/08/04/stegomalware-identifying-possible-attack-vectors/
- Sonatype Alerts to Malware and Ransomware-ridden Files Typosquatting on Several Python Requests
https://blog.sonatype.com/ransomware-in-a-pypi-sonatype-spots-requests-typosquat
- VirusTotal Releases Report Discussing Malware Deception Trends
https://blog.virustotal.com/2022/08/deception-at-scale.html
- Cisco Talos Discovers “Manjusaka” Variant of Cobalt Strike
https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
- FCC Warns of Increasing Use of Smishing Attacks
https://securityaffairs.co/wordpress/133865/cyber-crime/fcc-warns-smishing-attacks.html
- Huntress Researchers Disclose Initial Access Brokers (IABs) Increasingly Target MSPs
https://www.huntress.com/blog/threat-advisory-hackers-are-selling-access-to-msps