By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 11.4.2022

WEEKLY TOP TEN | NOVEMBER 4, 2022 15:53 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. SocGholish Threat Actor Compromises Hundreds of News Sites After Supply Chain Attack
    https://www.bleepingcomputer.com/news/security/hundreds-of-us-news-sites-push-malware-in-supply-chain-attack/
  2. Security Researcher Releases Patch for Abused Microsoft Mark-of-the-Web Vulnerability
    https://thehackernews.com/2022/10/unofficial-patch-released-for-new.html
  3. Emotet Botnet Activity on the Rise After Multi-month Pause
    https://www.bleepingcomputer.com/news/security/emotet-botnet-starts-blasting-malware-again-after-5-month-break/
  4. GIMP-Impersonating Website Advertised by Google Until Recently
    https://www.bleepingcomputer.com/news/security/google-ad-for-gimporg-served-info-stealing-malware-via-lookalike-site/
  5. VMware Discloses that High Severity CVE-2021-39144 Has Available Proof-of-Concept Code
    https://securityaffairs.co/wordpress/137912/security/vmware-cve-2021-39144-exploit.html
  6. W4SP InfoStealer Found in 30+ High Use PyPI Python Registries
    https://www.bleepingcomputer.com/news/security/dozens-of-pypi-packages-caught-dropping-w4sp-info-stealing-malware/
  7. Azov Malware Resembles Ransomware But Only Encrypts Data Instead
    https://www.bleepingcomputer.com/news/security/new-azov-data-wiper-tries-to-frame-researchers-and-bleepingcomputer/
  8. Cranefly Hacking Group Using Novel IIS Log Method to Perform C2
    https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cranefly-new-tools-technique-geppei-danfuan
  9. TikTok Discloses Ability for Employees to View Data of European Users
    https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html
  10. CISA Releases Guidance to Harden Against Phishing and MFA Subversion
    https://www.cisa.gov/uscert/ncas/current-activity/2022/10/31/cisa-releases-guidance-phishing-resistant-and-numbers-matching
Previous Post

Weekly Top Ten Cybersecurity Stories – 10.28.2022

Next Post

Weekly Top Ten Cybersecurity Stories – 11.11.2022

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.