WEEKLY TOP TEN | NOVEMBER 18, 2022 20:21 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- November Patch Tuesday Updates Cause Malfunctions with Kerberos Authentication
https://www.bleepingcomputer.com/news/microsoft/windows-kerberos-authentication-breaks-after-november-updates/ - Deep Instinct Calls AgentTesla, LockBit 3.0 Most Prevalent Malware in Q3 2022
https://www.infosecurity-magazine.com/news/lockbit-dominates-ransomware/ - Security Researchers Warn of Low-Detection Tactics Used by Batloader Malware
https://www.darkreading.com/attacks-breaches/researchers-alarm-batloader-malware-dropper - Threat Actor Worok Found to be Using PNG Image Files to Assemble Malware
https://www.bleepingcomputer.com/news/security/worok-hackers-hide-new-malware-in-pngs-using-steganography/#google_vignette - Chinese-linked Billbug APT Breaches Certificate Authority, Presaging Higher Competency Attacks
https://securityaffairs.co/wordpress/138568/apt/billbug-apt-hit-certificate-authority.html - Threat Actor Fangxiao Registers Over 42K Websites As Part of Phishing Campaign
https://thehackernews.com/2022/11/chinese-hackers-using-42000-imposter.html - Iranian APT Breaches Us Gov’t Website via Log4Shell Exploit
https://securityaffairs.co/wordpress/138639/apt/iran-compromises-us-federal-network.html - US Department of Health Warns of Venus Ransomware Targeting Healthcare Sector
https://www.bleepingcomputer.com/news/security/us-health-dept-warns-of-venus-ransomware-targeting-healthcare-orgs/ - Amazon Relational Database Service (RDS) Found to Leak User PII
https://thehackernews.com/2022/11/researchers-discover-hundreds-of-amazon.html - Microsoft Warns of 13 December End-of-Support for .NET Core 3.1
https://www.bleepingcomputer.com/news/security/microsoft-urges-devs-to-migrate-away-from-net-core-31-asap/
