By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 5.19.2023

WEEKLY TOP TEN | MAY 19, 2023 20:33 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Apple fixes three new zero-days exploited to hack iPhones, Macs
    (1) https://www.bleepingcomputer.com/news/apple/apple-fixes-three-new-zero-days-exploited-to-hack-iphones-macs/
    (2) https://support.apple.com/en-us/HT213757
  2. ASUS routers knocked offline worldwide by bad security update
    https://www.bleepingcomputer.com/news/hardware/asus-routers-knocked-offline-worldwide-by-bad-security-update/
  3. State-Sponsored Sidewinder Hacker Group’s Covert Attack Infrastructure Uncovered
    (1) https://thehackernews.com/2023/05/state-sponsored-sidewinder-hacker.html
    (2) https://www.group-ib.com/blog/hunting-sidewinder/
  4. Cybercrime gang pre-infects millions of Android devices with malware
    (1) https://www.bleepingcomputer.com/news/security/cybercrime-gang-pre-infects-millions-of-android-devices-with-malware/
    (2) https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html
  5. FBI confirms BianLian ransomware switch to extortion only attacks
    https://www.bleepingcomputer.com/news/security/fbi-confirms-bianlian-ransomware-switch-to-extortion-only-attacks/
  6. Malicious Microsoft VSCode extensions steal passwords, open remote shells
    (1) https://www.bleepingcomputer.com/news/security/malicious-microsoft-vscode-extensions-steal-passwords-open-remote-shells/
    (2) https://blog.checkpoint.com/securing-the-cloud/malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors/
  7. Cisco warns of critical switch bugs with public exploit code
    (1) https://www.bleepingcomputer.com/news/security/cisco-warns-of-critical-switch-bugs-with-public-exploit-code/
    (2) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv
  8. Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
    (1) https://thehackernews.com/2023/05/threat-group-unc3944-abusing-azure.html
    (2) https://www.mandiant.com/resources/blog/sim-swapping-abuse-azure-serial
  9. New Ransomware Gang RA Group Hits U.S. and South Korean Organizations
    (1) https://thehackernews.com/2023/05/new-ransomware-gang-ra-group-hits-us.html
    (2) https://blog.talosintelligence.com/ra-group-ransomware/
  10. Intel says Friday’s mystery ‘security update’ microcode isn’t really a security update
    (1) https://www.theregister.com/2023/05/15/intel_mystery_microcode/
Previous Post

Weekly Top Ten Cybersecurity Stories – 5.12.2023

Next Post

Phishing Scams Using Chatbots to Capture Personal Information

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.