By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 10.21.2022

WEEKLY TOP TEN | OCTOBER 21, 2022 13:01 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Apache Commons Text CVE-2022-42889 Disclosed w/ Working Proof of Concept Code
    https://www.zscaler.com/blogs/security-research/security-advisory-apache-commons-text-remote-code-execution-vulnerability
  2. Zimbra CVE-2022-41352 Seeing Active Exploitation by Threat Actors
    https://securityaffairs.co/wordpress/137164/apt/zimbra-cve-2022-41352-exploitation.html
  3. Venus Ransomware Operators Exploiting Open RDP to Deploy Payloads
    https://www.bleepingcomputer.com/news/security/venus-ransomware-targets-publicly-exposed-remote-desktop-services/
  4. Qakbot Malware Now Deploying Cobalt Strike Alternative Brute Ratel, Black Basta Ransomware
    https://thehackernews.com/2022/10/black-basta-ransomware-hackers.html
  5. UEFI-centric Rootkit “BlackLotus” on Sale on Cybercrime Forums
    https://securityaffairs.co/wordpress/137252/malware/black-lotus-uefi-rootkit.html
  6. Ursnif Banking Trojan Pivots to General Purpose Approach, Signals Possibility of Info Theft & Ransomware
    https://www.mandiant.com/resources/blog/rm3-ldr4-ursnif-banking-fraud
  7. Security Researchers Discover PowerShell Backdoor Masquerading as Windows Updater
    https://www.safebreach.com/resources/blog/safebreach-labs-researchers-uncover-new-fully-undetectable-powershell-backdoor/
  8. Newly Discovered “Alchimist” Attack Framework Found to be Targeting Mac, Windows, and Linux Networks
    https://thehackernews.com/2022/10/new-chinese-malware-attack-framework.html
  9. RansomCartel Ransomware Possibly Linked to REvil Ransomware Group
    https://unit42.paloaltonetworks.com/ransom-cartel-ransomware/
  10. CISA Releases Open Source Tool for Recognizing Malware C2 Traffic via logs
    https://www.bleepingcomputer.com/news/security/cisa-releases-open-source-redeye-c2-log-visualization-tool/
Previous Post

Weekly Top Ten Cybersecurity Stories – 10.14.2022

Next Post

Building an Innovative Cybersecurity Platform From Scratch

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.