By security practitioners, for security practitioners innovate | novacoast federal | novaSOC | novacoast
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 5.27.2022

WEEKLY TOP TEN | MAY 27, 2022 13:32 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. CISA Adds 41 New Vulnerabilities to Known Exploited Vulnerabilities Catalog
    https://securityaffairs.co/wordpress/131646/security/known-exploited-vulnerabilities-catalog-flaws-2.html
  2. Cisco Releases Security Update for CVE-2022-20821 Affecting IOS XR Software
    https://securityaffairs.co/wordpress/131516/security/cisco-ios-xr-flaw.html
  3. Quanta Cloud Technology Servers Found Vulnerable to “Pantsdown” BMC Exploit (CVE-2019-6260)
    https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html
  4. HP Wolf Security Team Discovers Malware Propagating Via Malicious PDF Documents
    https://threatresearch.ext.hp.com/pdf-malware-is-not-yet-dead/#
  5. Threat Actors Targeting Security Researchers Through Fake Proof of Concept Exploits on Github
    https://securityaffairs.co/wordpress/131553/intelligence/fake-poc-exploits-attacks.html
  6. Recorded Future Note an Increasing Amount of Session Hijacking and Cookie Theft by Criminals to Bypass MFA
    https://www.infosecurity-magazine.com/blogs/threat-session-hijacking-mfa-bypass/
  7. Red Canary Note Resurgence and New TTPs in ChromeLoader Malvertising Malware
    https://redcanary.com/blog/chromeloader/
  8. Security Research MalwareHunterTeam Discover Shift in IndustrialSpy Malware Towards Ransomware
    https://www.bleepingcomputer.com/news/security/industrial-spy-data-extortion-market-gets-into-the-ransomware-game/
  9. Microsoft Researchers Warn of Web Skimming Campaigns Masquerading As Google Analytics or Meta Pixel Scripts
    https://www.microsoft.com/security/blog/2022/05/23/beneath-the-surface-uncovering-the-shift-in-web-skimming/
  10. Interpol Concerned at Proliferation of APT and Nation-state Malware Into Cybercriminal Hands
    https://securityaffairs.co/wordpress/131618/cyber-crime/nation-state-malware-dark-web.html
Previous Post

Avoiding Common Incident Response Pitfalls

Next Post

Building a Privileged Account Management (PAM) Strategy

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.