WEEKLY TOP TEN | JULY 8, 2022 11:52 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- DragonForce Malaysia Hacktivist Group Releases Proof of Concept Code for Novel LPE Flaw Amidst Shift to Ransomware Focus
https://www.darkreading.com/vulnerabilities-threats/dragonforce-malaysia-releases-lpe-exploit-threatens-ransomware
- Threat Actors Leveraging Brute Ratel Red-Team Tool To Better Evade Detection
https://thehackernews.com/2022/07/hackers-abusing-brc4-red-team.html
- Raspberry Robin USB Worm Found in Hundreds of Networks
https://securityaffairs.co/wordpress/132826/malware/microsoft-raspberry-robin-spreading.html
- CISA Adds Windows LSA Flaw CVE-2022-26925 to the Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/132830/security/cisa-orders-patch-cve-2022-26925.html
- EvilNum Deploying Malware via Office Word Templates And Spearphishing Campaigns
https://www.govinfosecurity.com/evilnum-hacking-group-updates-ttps-targeting-fintech-a-19496
- CISA Releases Alert Regarding North Korean APTs Deploying Maui Ransomware Against Healthcare and Public Health Sector
https://www.cisa.gov/uscert/ncas/alerts/aa22-187a
- ALPHV Ransomware Organizing Leaked Data Into Searchable Format, Increasing Risk of Complex Attacks
https://blog.cyble.com/2022/07/06/alphv-ransomware-expands-its-arsenal-of-extortion-techniques/
- Lazarus Group Malware VSingle Using GitHub for C2 Server Information
https://blogs.jpcert.or.jp/en/2022/07/vsingle.html
- The Django Project Team Patches a SQL Injection Flaw CVE-2022-34265 In Their Python-based Framework
https://securityaffairs.co/wordpress/132853/security/django-framework-sql-injection.html
- Microsoft Releases Patch for ShadowCoerce NTLM Relay Flaw
https://www.bleepingcomputer.com/news/microsoft/microsoft-quietly-fixes-shadowcoerce-windows-ntlm-relay-bug/