By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 5.12.2023

WEEKLY TOP TEN | MAY 12, 2023 17:47 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Hunting Russian Intelligence “Snake” Malware
    https://media.defense.gov/2023/May/09/2003218554/-1/-1/1/JOINT_CSA_HUNTING_RU_INTEL_SNAKE_MALWARE_20230509.PDF
  2. Millions of mobile phones come pre-infected with malware
    https://www.theregister.com/2023/05/11/bh_asia_mobile_phones/
  3. Microsoft issues optional fix for Secure Boot zero-day used by malware
    (1) https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-optional-fix-for-secure-boot-zero-day-used-by-malware/
    (2) https://msrc.microsoft.com/blog/2023/05/guidance-related-to-secure-boot-manager-changes-associated-with-cve-2023-24932/
  4. From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API
    https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api
  5. Fake system update drops Aurora stealer via Invalid Printer loader
    https://www.malwarebytes.com/blog/threat-intelligence/2023/05/fake-system-update-drops-new-highly-evasive-loader
  6. Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
    https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html
  7. Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers
    https://www.sentinelone.com/labs/hypervisor-ransomware-multiple-threat-actor-groups-hop-on-leaked-babuk-code-to-build-esxi-lockers/
  8. New features and updates to improve online safety Google brings dark web monitoring to all U.S. Gmail users
    https://blog.google/technology/safety-security/online-safety-features-updates-google-io-2023/
  9. QR codes used in fake parking tickets, surveys to steal your money
    https://www.bleepingcomputer.com/news/security/qr-codes-used-in-fake-parking-tickets-surveys-to-steal-your-money/
  10. MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
    https://thehackernews.com/2023/05/msi-data-breach-private-code-signing.html
Previous Post

Weekly Top Ten Cybersecurity Stories – 5.5.2023

Next Post

Weekly Top Ten Cybersecurity Stories – 5.19.2023

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.