WEEKLY TOP TEN | APRIL 29, 2022 16:05 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- Microsoft Discloses Nimbuspwn Vulnerability Affecting Linux Allowing for Privilege Escalation
https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/
- Security Researcher Discloses Proof-of-Concept Exploit for Java Signature Bypass Vulnerability
https://securityaffairs.co/wordpress/130522/security/poc-java-vulnerability-cve-2022-21449.html
- Bumblebee Malware Loader Appears to Replace BazarLoader For CyberAttacks
https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-replaces-contis-bazarloader-in-cyberattacks/
- Iranian APT35 Exploits CVE-2022-22954 Affecting VMWare Workspace ONE to Deploy Malware
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-vmware-rce-flaw-to-install-backdoors/
- Onyx Ransomware Destroying Files Instead of Just Encrypting Them
https://www.bleepingcomputer.com/news/security/beware-onyx-ransomware-destroys-files-instead-of-encrypting-them/
- DFIR Report Analyzes Quantum Ransomware and Notes Less Than 4 Hours to Encryption
https://thedfirreport.com/2022/04/25/quantum-ransomware/
- CISA Releases 2021 List of Top 15 Exploited Vulnerabilities
https://www.cisa.gov/uscert/ncas/alerts/aa22-117a
- VirusTotal Flaw Patched Allowing For Remote Code Execution and Reverse Shell Access to Security Vendor Products
https://www.itnews.com.au/news/googles-virustotal-service-vulnerable-for-over-eight-months-579170
- Microsoft Details Russian Actions in Lead-up to Ukraine Invasion
https://blogs.microsoft.com/on-the-issues/2022/04/27/hybrid-war-ukraine-russia-cyberattacks/
- FBI Releases Indicators of Compromise Associated with BlackCat/ALPHV Ransomware
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/22/fbi-releases-iocs-associated-blackcatalphv-ransomware