By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 12.2.2022

WEEKLY TOP TEN | DECEMBER 2, 2022 20:55 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Organizations at Risk Due to Active Exploitation of Fortinet CVE-2022-40684
    https://blog.cyble.com/2022/11/24/multiple-organisations-compromised-by-critical-authentication-bypass-vulnerability-in-fortinet-products-cve-2022-40684/
  2. CISA Adds Oracle Fusion MIddleware CVE-2021-35587 to Known Exploited Vulnerability Database
    https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html
  3. GoTo, Formely LogMeIn, Discloses Breach of its Development Environment and Cloud Storage
    https://www.bleepingcomputer.com/news/security/goto-says-hackers-breached-its-dev-environment-cloud-storage/
  4. LastPass Reports Secondary Breach Following Earlier August 2022 Attack
    https://securityaffairs.co/wordpress/139136/data-breach/lastpass-second-security-breach.html
  5. Microsoft Warns of LSASS Leaks Following November Patch Tuesday Causing Potential Domain Controller Freezes
    https://www.bleepingcomputer.com/news/microsoft/new-windows-server-updates-cause-domain-controller-freezes-restarts/
  6. Researchers Discover Way to Bypass Vulnerability Detection via Specially Crafted NPM Libraries
    https://thehackernews.com/2022/11/researchers-find-way-malicious-npm.html
  7. Cybercriminals Using FIFA World Cup as Cover for Updated Phishing Campaigns
    https://www.scmagazine.com/news/cybercrime/cybercriminals-look-to-exploit-sports-fans-with-world-cup-themed-attacks
  8. Several Dell, HP, and Lenovo Devices Found to be Using Outdated and Insecure OpenSSL Libraries
    https://securityaffairs.co/wordpress/138986/security/dell-hp-lenovo-openssl-outdated.html
  9. US FCC Bans Importation of Electronics from Several Chinese Companies
    https://securityaffairs.co/wordpress/138998/breaking-news/fcc-bans-import-chinese-equipment.html
  10. Amazon AWS Patches Privilege Escalation Flaw in its Codebase
    https://securityaffairs.co/wordpress/139045/hacking/amazon-web-services-flaw.html
Previous Post

A No-Cost Way To Lower Risk Of a Cyber Attack

Next Post

My Conversation With OpenAI About Cybersecurity

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.