WEEKLY TOP TEN | JANUARY 6, 2023 14:57 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- “Meddler-in-the-Middle” Phishing Attacks Bypass MFA Solutions with Perfect Replicas of Popular Websites
https://unit42.paloaltonetworks.com/meddler-phishing-attacks/ - IcedID Banking Trojan Found in Zoom Phishing Campaign
https://blog.cyble.com/2023/01/05/zoom-users-at-risk-in-latest-malware-campaign/ - Linux Backdoor Malware Abusing 30+ WordPress Vulnerabilities to Drop Malicious Javascript
https://securityaffairs.com/140153/cyber-crime/linux-malware-wordpress-websites.html - PyTorch Discovered to Have Malicious “Torchtriton” Dependency, Users Warned to Reinstall PyTorch
https://www.bleepingcomputer.com/news/security/pytorch-discloses-malicious-dependency-chain-compromise-over-holidays/ - “SHC” Linux Malware Dropping XMRig Coinminer via Brute-Forcing SSH Servers
https://securityaffairs.com/140308/malware/shc-linux-malware-coinminer.html - Fortinet and Zoho Patch Critical Vulnerabilities in FortiADC and Other Software
https://thehackernews.com/2023/01/fortinet-and-zoho-urge-customers-to.html - Synology Patches Critical Severity CVE-2022-43931 Affecting VPN Plus Service
https://thehackernews.com/2023/01/synology-releases-patch-for-critical.html - Netgear Patches Authentication Bug Present in Multiple Wifi Router Models
https://securityaffairs.com/140144/security/netgear-buffer-overflow-routers.html - Qualcomm Patches Several Chipset Vulnerabilities Affecting ThinkPad X13 Laptops
https://thehackernews.com/2023/01/qualcomm-chipsets-and-lenovo-bios-get.html - Slack Discloses Compromise of Private Code Repository
https://www.bleepingcomputer.com/news/security/slacks-private-github-code-repositories-stolen-over-holidays/
