Weekly Top Ten Cybersecurity Stories – 8.19.2022 – Innovate Cybersecurity

WEEKLY TOP TEN | AUGUST 19, 2022 22:01 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

Cybereason Researchers Warn of Increasing Use of Bumblebee Malware Loader in Campaigns
https://thehackernews.com/2022/08/hackers-using-bumblebee-loader-to.html
Several Zimbra Collaboration Suite CVEs Found in Active Exploitation by Threat Actors
https://securityaffairs.co/wordpress/134314/hacking/zimbra-rce-actively-exploited.html
New DarkTortilla Crypter Increasingly Found Protecting RAT Campaigns
https://www.darkreading.com/vulnerabilities-threats/darktortilla-sophisticated-malware-rat-infections
Chinese-affiliated Winnti APT Found Breaking Cobalt Strike Payloads Into Numerous Obfuscated Fragments to Avoid Detection
https://www.bleepingcomputer.com/news/security/winnti-hackers-split-cobalt-strike-into-154-pieces-to-evade-detection/
BlackByte Ransomware Outfit Releases Updated 2.0 Version, Updates Extortion Methodology
https://securityaffairs.co/wordpress/134531/cyber-crime/blackbyte-ransomware-v2.html
Yet Another Cryptominer-laced PyPI Package Discovered by Security Researchers
https://securityaffairs.co/wordpress/134381/security/pypi-package-fileless-linux-malware.html
CISA Releases Alert on Zeppelin Ransomware Organization
https://www.cisa.gov/uscert/ncas/alerts/aa22-223a
Apple Patches Two Zero Day Vulnerabilities Affecting iOS, iPadOS, and macOS Devices
https://securityaffairs.co/wordpress/134527/security/apple-zero-day-flaws-2.html
Researchers Discover In-Development BugDrop Android Malware Bypassing Google Security Controls To Deploy Xenomorph RAT
https://www.threatfabric.com/blogs/bugdrop-new-dropper-bypassing-google-security-measures.html
Threat Actor Impersonates McAfee in Widespread Phishing Campaign
https://www.consumeraffairs.com/news/scammers-are-impersonating-software-maker-mcafee-in-new-imposter-scam-081622.html

Hand-Picked Top-Read Stories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

What Happened To The Internet Archive?

Trending Tags

Weekly Top Ten Cybersecurity Stories – 8.19.2022

Previous Post

Fidelis Cybersecurity Training and Certification

Next Post

Cloudflare Training and Certification

Threat Advisories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More.

Weekly Top 10: 11.04.2024: Android Malware ‘FakeCall’ Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More.

Weekly Top 10: 10.28.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware