WEEKLY TOP TEN | SEPTEMBER 23, 2022 16:43 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- Security Researcher Discovers “GIFShell” Exploit for Microsoft Teams
https://thehackernews.com/2022/09/microsoft-teams-gifshell-attack-what-is.html - #3 Most Distributed Malware Emotet Now Distributing Quantum and BlackCat Ransomware
https://thehackernews.com/2022/09/emotet-botnet-started-distributing.html - ChromeLoader Malware Mutates Into Ever More Dangerous Variants
https://siliconangle.com/2022/09/19/vmware-warns-new-chromeloader-variants-pose-serious-risk/ - Hackers Increasingly Leverage “MFA Fatigue” To Penetrate Networks
https://www.bleepingcomputer.com/news/security/mfa-fatigue-hackers-new-favorite-tactic-in-high-profile-breaches/ - North Korean Actors Distributing Malware-laced PuTTY Clients
https://securityaffairs.co/wordpress/135831/malware/north-korea-linked-apt-backdoored-putty.html - 15-Year-Old Vulnerability Still a Risk for 350K+ Python Projects
https://securityaffairs.co/wordpress/136081/hacking/python-bug-cve-2007-4559.html - Several Atlassian Vulnerabilities Found to Be At Risk for Exploitation
https://blog.cyble.com/2022/09/22/bitbucket-server-and-data-center-at-risk-via-command-injection-vulnerability/ - Hard-to-Detect Domain Shadowing Technique Experiencing Uptick in Use by Threat Actors
https://www.bleepingcomputer.com/news/security/domain-shadowing-becoming-more-popular-among-cybercriminals/ - International Hotels Group (IHG) Subjected to Breach Ending in Data Wipe
https://www.computerweekly.com/news/252525120/IHG-attackers-phished-employee-to-deploy-destructive-wiper - Security Recommendations in Wake of Wiseasy Breach
https://thehackernews.com/2022/09/it-security-takeaways-from-wiseasy-hack.html
