By security practitioners, for security practitioners novacoast federal | Pillr | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 10.14.2022

WEEKLY TOP TEN | OCTOBER 14, 2022 20:35 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. ”Caffeine” Phishing-as-a-Service Toolkit Presages Uptick in Higher Complexity Phishing Attacks
    https://thehackernews.com/2022/10/researchers-warn-of-new-phishing-as.html
  2. Javascript VM2 Sandbox Vulnerability CVE-2022-36067 Allowing for Sandbox Escape Discovered by Researchers
    https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html
  3. Unpatched VMware CVE-2021-22048 Privilege Escalation Vulnerability Remains Unpatched
    https://securityaffairs.co/wordpress/136979/hacking/vmware-unpatched-cve-2021-22048.html
  4. Fortinet Patches Critical CVE-2022-40684 Affecting Its Firewall and Proxy Products
    https://securityaffairs.co/wordpress/136786/security/fortinet-critical-flaw.html
  5. Zimbra Collaboration Suite CVE-2022-41352 Remote Code Execution Vulnerability Disclosed by Security Researchers
    https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html
  6. Pro-Russia “Killnet” Hacktivist Group Stages DDoS Attacks on American Airports
    https://securityaffairs.co/wordpress/136894/hacktivism/killnet-targets-us-airports.html
  7. QBot Phishing Campaign Pivots Towards Corporate Users
    https://www.securityweek.com/qbot-malware-infects-over-800-corporate-users-new-ongoing-campaign
  8. Emotet Botnet Shifts Gears in Tactics, Focusing Increasingly on LOLBINs and Defense Evasion Techniques
    https://thehackernews.com/2022/10/new-report-uncovers-emotets-delivery.html
  9. CISA Releases Report on Most-Exploited Vulnerabilities by Chinese APTs
    https://www.cisa.gov/uscert/ncas/alerts/aa22-279a
  10. Researchers Coin “Hyperjacking” Term for Malware Affecting Hypervisors
    https://www.makeuseof.com/what-is-hyperjacking-attack/
Previous Post

Weekly Top Ten Cybersecurity Stories – 10.7.2022

Next Post

Weekly Top Ten Cybersecurity Stories – 10.21.2022

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.