By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
Hand-Picked Top-Read Stories
Trending Tags
By security practitioners, for security practitioners

Weekly Top 10 – 6.2.2023 – macOS Vulnerability, Russian Claim of US iPhone Attacks, Zyxel Firewall Exploit

WEEKLY TOP TEN | JUNE 2, 2023 16:17 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk and multiple sources if available:

  1. New macOS vulnerability, Migraine, could bypass System Integrity Protection
    https://www.microsoft.com/en-us/security/blog/2023/05/30/new-macos-vulnerability-migraine-could-bypass-system-integrity-protection/
  2. Russia says US hacked thousands of iPhones in iOS zero-click attacks
    (1) https://www.bleepingcomputer.com/news/security/russia-says-us-hacked-thousands-of-iphones-in-ios-zero-click-attacks/
    (2) https://securelist.com/operation-triangulation/109842/
    (3) https://thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html
  3. Hackers exploit critical Zyxel firewall flaw in ongoing attacks
    (1) https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-zyxel-firewall-flaw-in-ongoing-attacks/
    (2) https://www.cisa.gov/news-events/alerts/2023/05/31/cisa-adds-one-known-exploited-vulnerability-catalog
    (3) https://nvd.nist.gov/vuln/detail/CVE-2023-28771
  4. Dark Pink hackers continue to target government and military organizations
    https://www.bleepingcomputer.com/news/security/dark-pink-hackers-continue-to-target-govt-and-military-organizations/
  5. Terminator antivirus killer is a vulnerable Windows driver in disguise
    https://www.bleepingcomputer.com/news/security/terminator-antivirus-killer-is-a-vulnerable-windows-driver-in-disguise/
  6. Toyota finds more misconfigured servers leaking customer info
    (1) https://www.bleepingcomputer.com/news/security/toyota-finds-more-misconfigured-servers-leaking-customer-info/
    (2) https://global.toyota/en/newsroom/corporate/39241625.html
  7. Ghost Sites: Stealing Data From Deactivated Salesforce Communities
    https://www.varonis.com/blog/salesforce-ghost-sites
  8. Harvard Pilgrim Health Care ransomware attack hits 2.5 million people
    (1) https://www.bleepingcomputer.com/news/security/harvard-pilgrim-health-care-ransomware-attack-hits-25-million-people/
    (2) https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
  9. Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics
    https://thehackernews.com/2023/06/improved-blackcat-ransomware-strikes.html
  10. New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
    (1) https://thehackernews.com/2023/05/new-bruteprint-attack-lets-attackers.html
    (2) https://arxiv.org/abs/2305.10791
Previous Post

Weekly Top Ten Cybersecurity Stories – 5.30.2023

May 31, 2023 20:46 GMT
Next Post

Living Off the Land Attacks: The Risks

June 5, 2023 18:03 GMT
Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.