WEEKLY TOP TEN | APRIL 7, 2023 13:22 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- The Defender’s Guide to the 3CX Supply Chain Attack
https://opalsec.substack.com/p/the-defenders-guide-to-the-3cx-supply - Western Digital discloses network breach, My Cloud service down
https://www.bleepingcomputer.com/news/security/western-digital-discloses-network-breach-my-cloud-service-down/ - Malicious ISO File Leads to Domain Wide Ransomware
https://thedfirreport.com/2023/04/03/malicious-iso-file-leads-to-domain-wide-ransomware/ - Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies
https://thehackernews.com/2023/04/rorschach-ransomware-emerges-experts.html - IRS-authorized eFile.com tax return software caught serving JS malware
https://www.bleepingcomputer.com/news/security/irs-authorized-efilecom-tax-return-software-caught-serving-js-malware/ - ‘BEC 3.0’ Is Here With Tax-Season QuickBooks Cyberattacks
https://www.darkreading.com/attacks-breaches/bec-3-tax-season-quickbooks-cyberattacks - The Uninvited Guest: IDORs, Garage Doors, and Stolen Secrets
https://medium.com/@samsabetan/the-uninvited-guest-idors-garage-doors-and-stolen-secrets-e4b49e02dadc - Flood of malicious packages results in NPM registry DoS
https://www.helpnetsecurity.com/2023/04/05/flood-of-malicious-packages-results-in-npm-registry-dos/ - Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks
https://thehackernews.com/2023/04/hackers-using-self-extracting-archives.html - Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques
https://thehackernews.com/2023/04/typhon-reborn-stealer-malware.html
