WEEKLY TOP TEN | OCTOBER 7, 2022 15:17 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- BlackByte Ransomware Operators Importing Legitimate Drivers to Bypass Security Software
https://news.sophos.com/en-us/2022/10/04/blackbyte-ransomware-returns/
- Researchers Discover Novel VIRTUALPITA and VIRTUALPIE Backdoors Affecting ESXi Hypervisors
https://securityaffairs.co/wordpress/136408/hacking/vmware-esxi-hypervisors-malware.html
- Lazarus Group APT Abusing Driver Flaws to Deploy Rootkits on Victim Networks
https://thehackernews.com/2022/10/hackers-exploiting-dell-driver.html
- Novel “Maggie” Malware Found Infecting Hundreds of SQL Servers Worldwide
https://securityaffairs.co/wordpress/136693/cyber-crime/maggie-malware-microsoft-sql-server.html
- Eternity Threat Group Deploying Multi-Purpose LilithBot Under Malware-as-a-Service Model
https://www.zscaler.com/blogs/security-research/analysis-lilithbot-malware-and-eternity-threat-group
- RatMilad Campaign Targeting Enterprise-level Android Phones
https://www.darkreading.com/mobile/ratmilad-spyware-scurries-enterprise-android-phones
- Chromium Application Mode Actively Abused to Create “Desktop Phishing” Campaigns
https://www.bleepingcomputer.com/news/security/web-browser-app-mode-can-be-abused-to-make-desktop-phishing-pages/
- Threat Actors Perform Supply Chain Attack on Comm100 Chat Provider to Deploy Backdoor Malware
https://thehackernews.com/2022/10/comm100-chat-provider-hijacked-to.html
- Witchetty Threat Actor Using Microsoft-image Steganography to Deploy Malware in Attacks
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/witchetty-steganography-espionage
- BlackCat Ransomware Group Claims Responsibility for Hack on NJVC Defense Contractor
https://securityaffairs.co/wordpress/136537/cyber-crime/njvc-data-breach.html