By security practitioners, for security practitioners innovate | novacoast federal | novaSOC | novacoast
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 8.5.2022

WEEKLY TOP TEN | AUGUST 5, 2022 14:25 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Cisco Patches Several High-Severity Vulnerabilities Affecting Small Business VPN Routers
    https://securityaffairs.co/wordpress/133984/security/cisco-small-business-vpn-routers-flaws.html
  2. LockBit 3.0 Utilizing Living Off the Land (LOLBIN) Technique to Bypass Defender and Load Cobalt Strike Beacons
    https://www.sentinelone.com/blog/living-off-windows-defender-lockbit-ransomware-sideloads-cobalt-strike-through-microsoft-security-tool/
  3. Threat Actor Abusing Atlassian Confluence Vulnerability to Deploy Cryptominer and Novel Backdoor
    https://thehackernews.com/2022/08/hackers-exploited-atlassian-confluence.html
  4. GitHub Removes Over 35,000 Malware-laced Clones Masquerading as Common Repos
    https://www.bleepingcomputer.com/news/security/35-000-code-repos-not-hacked-but-clones-flood-github-to-serve-malware/
  5. Cyble Warns of Increasing Rate of “Stegomalware” Deploying in Low Detection Rate Files
    https://blog.cyble.com/2022/08/04/stegomalware-identifying-possible-attack-vectors/
  6. Sonatype Alerts to Malware and Ransomware-ridden Files Typosquatting on Several Python Requests
    https://blog.sonatype.com/ransomware-in-a-pypi-sonatype-spots-requests-typosquat
  7. VirusTotal Releases Report Discussing Malware Deception Trends
    https://blog.virustotal.com/2022/08/deception-at-scale.html
  8. Cisco Talos Discovers “Manjusaka” Variant of Cobalt Strike
    https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
  9. FCC Warns of Increasing Use of Smishing Attacks
    https://securityaffairs.co/wordpress/133865/cyber-crime/fcc-warns-smishing-attacks.html
  10. Huntress Researchers Disclose Initial Access Brokers (IABs) Increasingly Target MSPs
    https://www.huntress.com/blog/threat-advisory-hackers-are-selling-access-to-msps
Previous Post

How To Choose a SOC-as-a-Service

Next Post

Digital Guardian Training and Certification

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.