Weekly Top Ten Cybersecurity Stories – 4.22.2022 – Innovate Cybersecurity

WEEKLY TOP TEN | APRIL 22, 2022 12:15 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

Vulnerability CVE-2022-20685 Disclosed That Can Render Snort Ineffective
https://securityaffairs.co/wordpress/130436/security/snort-bug-makes-it-unusable.html
Lenovo Discloses UEFI Firmware Vulnerabilities Affecting 100+ Laptop Models
https://www.bleepingcomputer.com/news/security/lenovo-uefi-firmware-driver-bugs-affect-over-100-laptop-models/
Fortinet Tracks New DDoS Botnet EnemyBot Abusing Dozens of Vulnerabilities To Infect Routers and IoT Devices
https://securityaffairs.co/wordpress/130291/cyber-crime/enemybot-botnet-ddos.html
REvil Infrastructure Reactivates, Lists Old and New Victims on Leak Website
https://www.computing.co.uk/news/4048545/revil-ransomware-infrastructure-appears-restarted-months-inactivity
Fake Windows 11 Download Page Installing InnoStealer Credential Stealer
https://www.windowscentral.com/windows-11-download-page-imitator-spreading-malware-pcs
CISA Adds Print Spooler, 2 Other Vulnerabilities To Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/130401/hacking/win-print-spooler-known-exploited-vulnerabilities-catalog.html
QNAP Advises Customers to Disable UPnP Port Forwarding to Protect NAS Devices
https://securityaffairs.co/wordpress/130393/security/qnap-nas-disable-upnp-port-forwarding.html
Oracle Releases Critical Patch Update for April 2022, Addressing 520 Vulnerabilities
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/19/oracle-releases-april-2022-critical-patch-update
CISA Warns of Potential Russian State-Sponsored Cyber Operations In Response to Ukraine War Developments
https://www.cisa.gov/uscert/ncas/alerts/aa22-110a
AdvIntel Provides Technical Analysis of Conti Ransomware Group Infrastructure
https://www.advintel.io/post/enter-karakurt-data-extortion-arm-of-prolific-ransomware-group

Hand-Picked Top-Read Stories

Weekly Top 10 — 7.22.2024 — Threat Actors Spread Password Stealers using Facebook Ads; 15M Trello User Email Addresses Leaked; Microsoft-Signed Chinese Kernel Level Malware Discovered, and More.

Crowdstrike Falcon Sensor Update Causes Mass Outage On Windows Endpoints—How To Fix

Weekly Top 10 — 7.15.2024 — Massive AT&T Data Breach; CRYSTALRAY: Inside Story; Avast Releases a DoNex Decryptor; Microsoft Patch Tuesday, and More.

Trending Tags

Weekly Top Ten Cybersecurity Stories – 4.22.2022

Previous Post

Why Scheduled Patch Windows Are Bad Practice

Next Post

The Return of Emotet Malware

The New Standard of

Cybersecurity
Education

Innovate Cybersecurity Summit

Threat Advisories

Weekly Top 10 — 7.22.2024 — Threat Actors Spread Password Stealers using Facebook Ads; 15M Trello User Email Addresses Leaked; Microsoft-Signed Chinese Kernel Level Malware Discovered, and More.

Crowdstrike Falcon Sensor Update Causes Mass Outage On Windows Endpoints—How To Fix

Weekly Top 10 — 7.15.2024 — Massive AT&T Data Breach; CRYSTALRAY: Inside Story; Avast Releases a DoNex Decryptor; Microsoft Patch Tuesday, and More.

Weekly Top 10 — 7.2.2024 — Windows XSS Phishing Attacks, SneakyChef APT, Redis Servers Under Attack, and More.

Update To OpenSSH Fixes Reintroduced Remote Code Execution Vulnerability

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware