WEEKLY TOP TEN | MAY 30, 2023 20:59 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- China’s Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
(1) https://thehackernews.com/2023/05/chinas-stealthy-hackers-infiltrate-us.html
(2) https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/
- Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances
(1) https://thehackernews.com/2023/05/barracuda-warns-of-zero-day-exploited.html
(2) https://nvd.nist.gov/vuln/detail/CVE-2023-2868
(3) https://www.barracuda.com/company/legal/esg-vulnerability
- GitLab ‘strongly recommends’ patching max severity flaw ASAP
(1) https://www.bleepingcomputer.com/news/security/gitlab-strongly-recommends-patching-max-severity-flaw-asap/
(2) https://about.gitlab.com/releases/2023/05/23/critical-security-release-gitlab-16-0-1-released/
(3) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2825
- Zyxel Issues Critical Security Patches for Firewall and VPN Products
(1) https://thehackernews.com/2023/05/zyxel-issues-critical-security-patches.html
(2) https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls
(3) https://www.cve.org/CVERecord?id=CVE-2023-33009
(4) https://www.cve.org/CVERecord?id=CVE-2023-33010
- BlackByte ransomware claims City of Augusta cyberattack
https://www.bleepingcomputer.com/news/security/blackbyte-ransomware-claims-city-of-augusta-cyberattack/
- New Russian-linked CosmicEnergy malware targets industrial systems
https://www.bleepingcomputer.com/news/security/new-russian-linked-cosmicenergy-malware-targets-industrial-systems/
- D-Link fixes auth bypass and RCE flaws in D-View 8 software
(1) https://www.bleepingcomputer.com/news/security/d-link-fixes-auth-bypass-and-rce-flaws-in-d-view-8-software/
(2) https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332
(3) https://www.zerodayinitiative.com/advisories/ZDI-23-714/
(4) https://www.zerodayinitiative.com/advisories/ZDI-23-716/
- Predator Android Spyware: Researchers Uncover New Data Theft Capabilities
(1) https://thehackernews.com/2023/05/predator-android-spyware-researchers.html
(2) https://blog.talosintelligence.com/mercenary-intellexa-predator/
- Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry
(1) https://thehackernews.com/2023/05/dark-frost-botnet-launches-devastating.html
(2) https://www.akamai.com/blog/security-research/dark-frost-botnet-unexpected-author-profile
- Emby shuts down user media servers hacked in recent attack
(1) https://www.bleepingcomputer.com/news/security/emby-shuts-down-user-media-servers-hacked-in-recent-attack/
(2) https://emby.media/support/articles/advisory-23-05.html#install-emby-server-4712-security-update