By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 2.10.2023

WEEKLY TOP TEN | FEBRUARY 10, 2023 20:22 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Royal Ransomware Pivots to Targeting Linux and ESXi, Matching Greater ESXiArgs Campaign
    https://blog.cyble.com/2023/02/09/the-royal-menace-spreads-to-linux-a-deep-dive-into-this-new-ransomware/
  2. Multiple National CERTs Warn of Active ESXi Ransomware Campaign in Progress Abusing CVE-2021-21974
    https://securityaffairs.com/141804/cyber-crime/vmware-esxi-ransomware.html
  3. OpenSSH Patches CVE-2023-25136 Arbitrary Code Execution Vulnerability
    https://securityaffairs.com/141907/hacking/openssh-pre-auth-double-free-bug.html
  4. OpenSSL Patches Multiple Vulnerabilities, Several Allowing for RCE
    https://thehackernews.com/2023/02/openssl-fixes-multiple-new-security.html
  5. BYOVD for Sunlogin Abused to Deploy Sliver Cobalt Strike-alternative
    https://thehackernews.com/2023/02/hackers-exploit-vulnerabilities-in.html
  6. Threat Actors Leverage Longer Time-to-Infect, Better Information and Management Relationships to Craft Increasingly Convincing Spearphishing Emails
    https://www.zdnet.com/article/theres-been-a-big-rise-in-phishing-attacks-this-one-worked/#ftag=RSSbaffb68
  7. New Vulnerabilities Discovered Affecting Industrial Internet of Things (IIOT)
    https://thehackernews.com/2023/02/critical-infrastructure-at-risk-from.html
  8. CISA Adds Multiple Vulnerabilities Related to SugarCRM and Oracle to the Known Exploited Vulnerabilities Catalog
    https://securityaffairs.com/141838/security/oracle-sugarcrm-known-exploited-vulnerabilities-catalog.html
  9. Multi-purpose Linux-centric Medusa Botnet Found Deploying via Mirai Botnet Infrastructure
    https://blog.cyble.com/2023/02/03/new-medusa-botnet-emerging-via-mirai-botnet-targeting-linux-users/
  10. Cl0p Linux-variant Ransomware Found to Have Reversible Encryption Scheme
    https://thehackernews.com/2023/02/linux-variant-of-clop-ransomware.html
Previous Post

Zero Trust Inside and Out

Next Post

Roundup—The Rundown On 7 Recent High-Profile Data Breaches

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.