Weekly Top Ten Cybersecurity Stories – 1.20.2023 – Innovate Cybersecurity

WEEKLY TOP TEN | JANUARY 20, 2023 18:10 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

Poisoned Google Search Results Create Increasingly Convincing Phishing Websites
https://www.bleepingcomputer.com/news/security/hackers-push-malware-via-google-search-ads-for-vlc-7-zip-ccleaner/
Ransomware Actors Add DDoS To Their Arsenal, Creating Triple Extortion Threat for Businesses
https://blog.cyble.com/2023/01/13/ransomware-extortion-techniques-a-growing-concern-for-organizations/
Threat Actors Turn to Polyglot Files To Minimize Detection Risks
https://thehackernews.com/2023/01/cybercriminals-using-polyglot-files-in.html
US CISA Adds CVE-2022-44877 Affecting CentOS Web Panel to the Known Exploited Vulnerabilities Catalog
https://securityaffairs.com/140989/security/centos-web-panel-rce-known-exploited-vulnerabilities-catalog.html
4,000+ Sophos Firewalls Remain Unpatched, Vulnerable to CVE-2022-3236 Remote Code Execution Vulnerability
https://www.computing.co.uk/news/4062871/sophos-firewall-servers-vulnerable-code-injection-vulnerability
Threat Actors Turn to Blank SVG Image Files to Deploy Malicious Scripts in Phishing Attacks
https://www.bleepingcomputer.com/news/security/new-blank-image-attack-hides-phishing-scripts-in-svg-files/
ESET Discusses Recent Trends for Tech Support Scams
https://www.welivesecurity.com/2023/01/19/tech-support-scammers-still-at-it-what-look-out-for/
Recent Nissan Data Breach Attributed to Exposed Third Party System
https://www.bleepingcomputer.com/news/security/nissan-north-america-data-breach-caused-by-vendor-exposed-database/
MSI Security Misconfiguration Allows for Attackers to Create Insecure Boot Scenario on Hundreds of Motherboards
https://www.bleepingcomputer.com/news/security/msi-accidentally-breaks-secure-boot-for-hundreds-of-motherboards/
Security Researchers Discover Discord Bot Used for C2 Communication with Threat Actors
https://securityintelligence.com/posts/self-checkout-discord-c2/

Hand-Picked Top-Read Stories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Trending Tags

Weekly Top Ten Cybersecurity Stories – 1.20.2023

Previous Post

Weekly Top Ten Cybersecurity Stories – 1.13.2023

Next Post

Building a Foundational Data Classification Strategy

The New Standard of

Cybersecurity
Education

Innovate Cybersecurity Summit

Threat Advisories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Weekly Top 10 – 04.2.2024- SharePoint and AMD Vulnerabilities, Password Spraying VPN Attacks, Tycoon 2FA, and More.

Weekly Top 10 – 03.25.2024- AI Enhanced Cyber Attacks Rising, Microsoft Warns Taxpayers of Tax Return Phishing Scams, “Fluffy Wolf” Stealer Malware Targets Corporate Environments, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware