By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 11.11.2022

WEEKLY TOP TEN | NOVEMBER 11, 2022 17:51 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Expansive YouTube Phishing Campaign Deploying Infostealers With Promise of Free/Cracked Software
    https://blog.cyble.com/2022/11/08/massive-youtube-campaign-targeting-over-100-applications-to-deliver-info-stealer/
  2. Latest Emotet Botnet Strain Delivering IcedID, Bumblebee, and Other Malware Worldwide
    https://blog.cyble.com/2022/11/09/emotet-returns-targeting-users-worldwide/
  3. RomCom RAT Campaign Masquerading as Popular Corporate Software Like KeePass and Others
    https://securityaffairs.co/wordpress/138091/hacking/romcom-rat-campaigns.html
  4. URLSCAN Found to be Leaking Sensitive Data When Integrated With Popular Security Tools
    https://thehackernews.com/2022/11/experts-find-urlscan-security-scanner.html
  5. Cloud9 Botnet Targeting Chrome and Chromium with Malicious Browser Extensions
    https://thehackernews.com/2022/11/experts-warn-of-browser-extensions.html
  6. Lenovo Patches 2 Vulnerabilities Allowing Threat Actors to Disable UEFI Secure Boot
    https://securityaffairs.co/wordpress/138312/security/lenovo-bypass-security-features.html
  7. Threat Actors Increasingly Use ISO Files to Defeat Mark-of-the-Web
    https://redcanary.com/blog/iso-files/
  8. Threat Actors Abusing IPFS Network to Create De Facto Bulletproof Storage of Malware
    https://thehackernews.com/2022/11/several-cyber-attacks-observed.html
  9. Robin Banks Phishing-as-a-Service Moves Infrastructure to Bulletproof Host
    https://securityaffairs.co/wordpress/138199/cyber-crime/robin-banks-phaas.html
  10. Russian APT29 Abusing Credential Roaming in High Competency Attack Against European Diplomatic Entity
    https://www.mandiant.com/resources/blog/apt29-windows-credential-roaming
Previous Post

Weekly Top Ten Cybersecurity Stories – 11.4.2022

Next Post

A Tale of Two SOCs—Traditional Vs. SOCaaS—Which Is Best For Your Business?

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.