Weekly Top Ten Cybersecurity Stories – 12.2.2022 – Innovate Cybersecurity

WEEKLY TOP TEN | DECEMBER 2, 2022 20:55 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

Organizations at Risk Due to Active Exploitation of Fortinet CVE-2022-40684
https://blog.cyble.com/2022/11/24/multiple-organisations-compromised-by-critical-authentication-bypass-vulnerability-in-fortinet-products-cve-2022-40684/
CISA Adds Oracle Fusion MIddleware CVE-2021-35587 to Known Exploited Vulnerability Database
https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html
GoTo, Formely LogMeIn, Discloses Breach of its Development Environment and Cloud Storage
https://www.bleepingcomputer.com/news/security/goto-says-hackers-breached-its-dev-environment-cloud-storage/
LastPass Reports Secondary Breach Following Earlier August 2022 Attack
https://securityaffairs.co/wordpress/139136/data-breach/lastpass-second-security-breach.html
Microsoft Warns of LSASS Leaks Following November Patch Tuesday Causing Potential Domain Controller Freezes
https://www.bleepingcomputer.com/news/microsoft/new-windows-server-updates-cause-domain-controller-freezes-restarts/
Researchers Discover Way to Bypass Vulnerability Detection via Specially Crafted NPM Libraries
https://thehackernews.com/2022/11/researchers-find-way-malicious-npm.html
Cybercriminals Using FIFA World Cup as Cover for Updated Phishing Campaigns
https://www.scmagazine.com/news/cybercrime/cybercriminals-look-to-exploit-sports-fans-with-world-cup-themed-attacks
Several Dell, HP, and Lenovo Devices Found to be Using Outdated and Insecure OpenSSL Libraries
https://securityaffairs.co/wordpress/138986/security/dell-hp-lenovo-openssl-outdated.html
US FCC Bans Importation of Electronics from Several Chinese Companies
https://securityaffairs.co/wordpress/138998/breaking-news/fcc-bans-import-chinese-equipment.html
Amazon AWS Patches Privilege Escalation Flaw in its Codebase
https://securityaffairs.co/wordpress/139045/hacking/amazon-web-services-flaw.html

Hand-Picked Top-Read Stories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Trending Tags

Weekly Top Ten Cybersecurity Stories – 12.2.2022

Previous Post

A No-Cost Way To Lower Risk Of a Cyber Attack

Next Post

My Conversation With OpenAI About Cybersecurity

The New Standard of

Cybersecurity
Education

Innovate Cybersecurity Summit

Threat Advisories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Weekly Top 10 – 04.2.2024- SharePoint and AMD Vulnerabilities, Password Spraying VPN Attacks, Tycoon 2FA, and More.

Weekly Top 10 – 03.25.2024- AI Enhanced Cyber Attacks Rising, Microsoft Warns Taxpayers of Tax Return Phishing Scams, “Fluffy Wolf” Stealer Malware Targets Corporate Environments, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware