By security practitioners, for security practitioners innovate | novacoast federal | novaSOC | novacoast
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 4.22.2022

WEEKLY TOP TEN | APRIL 22, 2022 12:15 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Vulnerability CVE-2022-20685 Disclosed That Can Render Snort Ineffective
    https://securityaffairs.co/wordpress/130436/security/snort-bug-makes-it-unusable.html
  2. Lenovo Discloses UEFI Firmware Vulnerabilities Affecting 100+ Laptop Models
    https://www.bleepingcomputer.com/news/security/lenovo-uefi-firmware-driver-bugs-affect-over-100-laptop-models/
  3. Fortinet Tracks New DDoS Botnet EnemyBot Abusing Dozens of Vulnerabilities To Infect Routers and IoT Devices
    https://securityaffairs.co/wordpress/130291/cyber-crime/enemybot-botnet-ddos.html
  4. REvil Infrastructure Reactivates, Lists Old and New Victims on Leak Website
    https://www.computing.co.uk/news/4048545/revil-ransomware-infrastructure-appears-restarted-months-inactivity
  5. Fake Windows 11 Download Page Installing InnoStealer Credential Stealer
    https://www.windowscentral.com/windows-11-download-page-imitator-spreading-malware-pcs
  6. CISA Adds Print Spooler, 2 Other Vulnerabilities To Known Exploited Vulnerabilities Catalog
    https://securityaffairs.co/wordpress/130401/hacking/win-print-spooler-known-exploited-vulnerabilities-catalog.html
  7. QNAP Advises Customers to Disable UPnP Port Forwarding to Protect NAS Devices
    https://securityaffairs.co/wordpress/130393/security/qnap-nas-disable-upnp-port-forwarding.html
  8. Oracle Releases Critical Patch Update for April 2022, Addressing 520 Vulnerabilities
    https://www.cisa.gov/uscert/ncas/current-activity/2022/04/19/oracle-releases-april-2022-critical-patch-update
  9. CISA Warns of Potential Russian State-Sponsored Cyber Operations In Response to Ukraine War Developments
    https://www.cisa.gov/uscert/ncas/alerts/aa22-110a
  10. AdvIntel Provides Technical Analysis of Conti Ransomware Group Infrastructure
    https://www.advintel.io/post/enter-karakurt-data-extortion-arm-of-prolific-ransomware-group
Previous Post

Why Scheduled Patch Windows Are Bad Practice

Next Post

The Return of Emotet Malware

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.