WEEKLY TOP TEN | MARCH 10, 2023 13:14 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- How to prevent Microsoft OneNote files from infecting Windows with malware
https://www.bleepingcomputer.com/news/security/how-to-prevent-microsoft-onenote-files-from-infecting-windows-with-malware/ - Experts Reveal Google Cloud Platform’s Blind Spot for Data Exfiltration Attacks
https://thehackernews.com/2023/03/experts-reveal-google-cloud-platforms.html - SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
https://thehackernews.com/2023/03/sys01stealer-new-threat-using-facebook.html - Inside Threat: Developers Leaked 10M Credentials, Passwords in 2022
https://www.darkreading.com/application-security/inside-threat-developers-leaked-10m-credentials-passwords-2022 - DBatLoader and Remcos RAT Sweep Eastern Europe
https://www.sentinelone.com/blog/dbatloader-and-remcos-rat-sweep-eastern-europe/ - New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
https://thehackernews.com/2023/03/new-scrubcrypt-crypter-used-in.html - Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware
https://thehackernews.com/2023/03/hackers-exploiting-remote-desktop.html - CorePlague: Severe Vulnerabilities in Jenkins Server Lead to RCE
https://blog.aquasec.com/jenkins-server-vulnerabilities - AI-Powered ‘BlackMamba’ Keylogging Attack Evades Modern EDR Security https://www.darkreading.com/endpoint/ai-blackmamba-keylogging-edr-security
- Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps https://thehackernews.com/2023/03/transparent-tribe-hackers-distribute.html
