WEEKLY TOP TEN | NOVEMBER 11, 2022 17:51 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- Expansive YouTube Phishing Campaign Deploying Infostealers With Promise of Free/Cracked Software
https://blog.cyble.com/2022/11/08/massive-youtube-campaign-targeting-over-100-applications-to-deliver-info-stealer/
- Latest Emotet Botnet Strain Delivering IcedID, Bumblebee, and Other Malware Worldwide
https://blog.cyble.com/2022/11/09/emotet-returns-targeting-users-worldwide/
- RomCom RAT Campaign Masquerading as Popular Corporate Software Like KeePass and Others
https://securityaffairs.co/wordpress/138091/hacking/romcom-rat-campaigns.html
- URLSCAN Found to be Leaking Sensitive Data When Integrated With Popular Security Tools
https://thehackernews.com/2022/11/experts-find-urlscan-security-scanner.html
- Cloud9 Botnet Targeting Chrome and Chromium with Malicious Browser Extensions
https://thehackernews.com/2022/11/experts-warn-of-browser-extensions.html
- Lenovo Patches 2 Vulnerabilities Allowing Threat Actors to Disable UEFI Secure Boot
https://securityaffairs.co/wordpress/138312/security/lenovo-bypass-security-features.html
- Threat Actors Increasingly Use ISO Files to Defeat Mark-of-the-Web
https://redcanary.com/blog/iso-files/
- Threat Actors Abusing IPFS Network to Create De Facto Bulletproof Storage of Malware
https://thehackernews.com/2022/11/several-cyber-attacks-observed.html
- Robin Banks Phishing-as-a-Service Moves Infrastructure to Bulletproof Host
https://securityaffairs.co/wordpress/138199/cyber-crime/robin-banks-phaas.html
- Russian APT29 Abusing Credential Roaming in High Competency Attack Against European Diplomatic Entity
https://www.mandiant.com/resources/blog/apt29-windows-credential-roaming