Weekly Top Ten Cybersecurity Stories – 4.29.2022 – Innovate Cybersecurity

WEEKLY TOP TEN | APRIL 29, 2022 16:05 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

Microsoft Discloses Nimbuspwn Vulnerability Affecting Linux Allowing for Privilege Escalation
https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/
Security Researcher Discloses Proof-of-Concept Exploit for Java Signature Bypass Vulnerability
https://securityaffairs.co/wordpress/130522/security/poc-java-vulnerability-cve-2022-21449.html
Bumblebee Malware Loader Appears to Replace BazarLoader For CyberAttacks
https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-replaces-contis-bazarloader-in-cyberattacks/
Iranian APT35 Exploits CVE-2022-22954 Affecting VMWare Workspace ONE to Deploy Malware
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-vmware-rce-flaw-to-install-backdoors/
Onyx Ransomware Destroying Files Instead of Just Encrypting Them
https://www.bleepingcomputer.com/news/security/beware-onyx-ransomware-destroys-files-instead-of-encrypting-them/
DFIR Report Analyzes Quantum Ransomware and Notes Less Than 4 Hours to Encryption
https://thedfirreport.com/2022/04/25/quantum-ransomware/
CISA Releases 2021 List of Top 15 Exploited Vulnerabilities
https://www.cisa.gov/uscert/ncas/alerts/aa22-117a
VirusTotal Flaw Patched Allowing For Remote Code Execution and Reverse Shell Access to Security Vendor Products
https://www.itnews.com.au/news/googles-virustotal-service-vulnerable-for-over-eight-months-579170
Microsoft Details Russian Actions in Lead-up to Ukraine Invasion
https://blogs.microsoft.com/on-the-issues/2022/04/27/hybrid-war-ukraine-russia-cyberattacks/
FBI Releases Indicators of Compromise Associated with BlackCat/ALPHV Ransomware
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/22/fbi-releases-iocs-associated-blackcatalphv-ransomware

Hand-Picked Top-Read Stories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Trending Tags

Weekly Top Ten Cybersecurity Stories – 4.29.2022

Previous Post

The Return of Emotet Malware

Next Post

Pen Test Postmortem: How To Get Owned

The New Standard of

Cybersecurity
Education

Innovate Cybersecurity Summit

Threat Advisories

Weekly Top 10 – 04.22.2024- MITRE breach, Hackers Exploit Fortinet Flaw, UNDP investigates ransomware attack, and More.

Weekly Top 10 – 04.15.2024- Google Bug Bounties, Medusa Ransomware Returns, LG Smart TVs Vulnerable, and More.

Weekly Top 10 – 04.9.2024- XZ Utils Backdoor, Vultur Banking Trojan, New Chrome Features, and More.

Weekly Top 10 – 04.2.2024- SharePoint and AMD Vulnerabilities, Password Spraying VPN Attacks, Tycoon 2FA, and More.

Weekly Top 10 – 03.25.2024- AI Enhanced Cyber Attacks Rising, Microsoft Warns Taxpayers of Tax Return Phishing Scams, “Fluffy Wolf” Stealer Malware Targets Corporate Environments, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware