WEEKLY TOP TEN | JULY 24, 2023 15:15 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk and multiple sources if available:
- CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
https://www.cisa.gov/news-events/alerts/2023/07/20/cisa-releases-cybersecurity-advisory-threat-actors-exploiting-citrix-cve-2023-3519 - CISA shares free tools to help secure data in the cloud
https://www.cisa.gov/resources-tools/resources/free-tools-cloud-environments - Expanding cloud logging to give customers deeper security visibility
https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/ - Microsoft: Hackers turn Exchange servers into malware control centers
https://www.bleepingcomputer.com/news/security/microsoft-hackers-turn-exchange-servers-into-malware-control-centers/ - Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41
https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41 - FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/Syssphinx-FIN8-backdoor - Security Alert: Social Engineering Campaign Targets Technology Industry Employees
https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees/#indicators - Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware
https://www.bleepingcomputer.com/news/security/cybersecurity-firm-sophos-impersonated-by-new-sophosencrypt-ransomware/ - A Few More Reasons Why RDP is Insecure (Surprise!)
https://thehackernews.com/2023/07/a-few-more-reasons-why-rdp-is-insecure.html - WormGPT Might Become Hackers’ New Best Imaginary Friend
https://www.tomshardware.com/news/wormgpt-black-hat-llm