Weekly Top Ten Cybersecurity Stories – 2.3.2023 – Innovate Cybersecurity

WEEKLY TOP TEN | FEBRUARY 3, 2023 20:55 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

Security Researchers Release Proof-of-Concept Code for VMWare vRealize CVE-2022-31706 Vulnerability
https://securityaffairs.com/141628/hacking/vmware-vrealize-log-rce-poc-resealed.html
Lexmark Releases Patch for 100+ Printer Models Affected by CVE-2023-23560 Remote Code Execution Vulnerability
https://securityaffairs.com/141428/hacking/lexmark-cve-2023-23560-rce.html
In Wake of Microsoft Security Updates, Threat Actors Turn to OneNote to Deliver Initial Malware
https://www.proofpoint.com/us/blog/threat-insight/onenote-documents-increasingly-used-to-deliver-malware
Threat Actors Target Popular Password Managers Following LastPass Breach in Latest Wave of Google Malvertising
https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager
North Korean Lazarus Group APT “No Pineapple” Campaign Discovered Targeting Unpatched Zimbra Email Servers
https://thehackernews.com/2023/02/north-korean-hackers-exploit-unpatched.html
HeadCrab Botnet Compromises 1200+ Redis Servers Worldwide via Bespoke Malware
https://thehackernews.com/2023/02/new-threat-stealthy-headcrab-malware.html
Google Fi Discloses Breach of Customer Data and Possibility of SIM Swapping on Affected Accounts
https://www.bleepingcomputer.com/news/security/google-fi-data-breach-let-hackers-carry-out-sim-swap-attacks/
GitHub Revokes Code Signing Certificate for GitHub Desktop and Atom Following Compromise
https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html
Abused Microsoft Partner Network Accounts Used to Deploy Shadow SaaS Rootkits
https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html
Additional Vulnerabilities Discovered in AMI MegaRAC BMC Software
https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html

Hand-Picked Top-Read Stories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Trending Tags

Weekly Top Ten Cybersecurity Stories – 2.3.2023

Previous Post

Weekly Top Ten Cybersecurity Stories – 1.27.2023

Next Post

Zero Trust Inside and Out

The New Standard of

Cybersecurity
Education

Innovate Cybersecurity Summit

Threat Advisories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Weekly Top 10 – 04.2.2024- SharePoint and AMD Vulnerabilities, Password Spraying VPN Attacks, Tycoon 2FA, and More.

Weekly Top 10 – 03.25.2024- AI Enhanced Cyber Attacks Rising, Microsoft Warns Taxpayers of Tax Return Phishing Scams, “Fluffy Wolf” Stealer Malware Targets Corporate Environments, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware