By security practitioners, for security practitioners innovate | novacoast federal | novaSOC | novacoast
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 7.1.2022

WEEKLY TOP TEN | JULY 1, 2022 12:55 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Threat Actors Abusing Microsoft WebView2 To Bypass MFA And Traditional Phishing Countermeasures
    https://www.bleepingcomputer.com/news/security/clever-phishing-method-bypasses-mfa-using-microsoft-webview2-apps/
  2. ReversingLabs Discovers AstraLocker 2.0 Campaign Eschewing Traditional Ransomware TTPs for “Smash and Grab” Tactics
    https://blog.reversinglabs.com/blog/smash-and-grab-astralocker-2-pushes-ransomware-direct-from-office-docs
  3. CISA Adds 8 CVEs to Known Exploited Vulnerability Catalog
    https://www.cisa.gov/uscert/ncas/current-activity/2022/06/27/cisa-adds-eight-known-exploited-vulnerabilities-catalog
  4. Cyble Labs Notes Shift in Bahamut Threat Group Tactics Towards Android Spyware Using Updated Collection Features
    https://blog.cyble.com/2022/06/29/bahamut-android-malware-returns-with-new-spying-capabilities/
  5. CISA Urges Admins to Review and Implement Citrix Security Update for Hypervisor
    https://www.cisa.gov/uscert/ncas/current-activity/2022/06/24/citrix-releases-security-updates-hypervisor
  6. OpenSSL Releases Security Update Patching Memory Corruption Vulnerability
    https://thehackernews.com/2022/06/openssh-to-release-security-patch-for.html
  7. UnRAR Arbitrary Code Execution CVE-2022-30333 Discovered by Researchers
    https://thehackernews.com/2022/06/new-unrar-vulnerability-could-let.html
  8. Cyble Labs Discovers 900,000+ Exposed Kubernetes Clusters, Warns of Data Breach Risk
    https://blog.cyble.com/2022/06/27/exposed-kubernetes-clusters/
  9. MITRE Publishes 2022 CWE Top 25
    https://securityaffairs.co/wordpress/132730/security/mitre-2022-cwe-top-25.html
  10. Microsoft Exchange 2013 End Of Support Slated For April 2023
    https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-server-2013-reaches-end-of-support-in-9-months/

Previous Post

Weekly Top Ten Cybersecurity Stories – 6.24.2022

Next Post

BeyondTrust Training

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.