By security practitioners, for security practitioners novacoast federal | Pillr | novacoast | about innovate
By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 9.2.2022

WEEKLY TOP TEN | SEPTEMBER 2, 2022 16:22 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. LockBit Ransomware Group Begins DDoS As Part of Triple Extortion Tactics
    https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-gets-aggressive-with-triple-extortion-tactic/
  2. Cybereason Performs Deep Dive on Ragnar Locker Ransomware Group Trends and TTPs
    https://www.cybereason.com/blog/threat-analysis-report-ragnar-locker-ransomware-targeting-the-energy-sector
  3. LassPass Discloses the Compromise of Its Source Code After a Breach
    https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/
  4. Video Game Anti-Cheating Driver Used by Ransomware, Rootkits to Disable Antivirus
    https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html
  5. Nitrokod “Freeware” Campaign Deploying Cryptominers Via Malware-packed Applications
    https://research.checkpoint.com/2022/check-point-research-detects-crypto-miner-malware-disguised-as-google-translate-desktop-and-other-legitimate-applications/
  6. Iran-affiliated Mercury APT Continuing to Leverage Log4Shell Vulnerability as Initial Access Vector
    https://securityaffairs.co/wordpress/134876/apt/mercury-exploit-log4shell-flaw.html
  7. Researchers Discover Infostealer MiniStealer Distributing for Free on Cybercrime Forums
    https://blog.cyble.com/2022/08/29/mini-stealer-possible-predecessor-of-parrot-stealer/
  8. Cross-platform BianLian Ransomware Reaches 15 Victims Since July Inception
    https://thehackernews.com/2022/09/researchers-detail-emerging-cross.html
  9. Georgia Institute of Technology Develops Tool to Discover Malicious Plugins Infecting Thousands of WordPress Sites
    https://securityaffairs.co/wordpress/135032/reports/wordpress-malicious-plugins.html
  10. Google Confirms Several Chrome Extensions Perform Cookie-Stuffing to Support Threat Actor Activity
    https://www.popsci.com/technology/chrome-extension-installation-malware-netflix-party/
Previous Post

Artificial Intelligence Is Making a Massive Impact—Just Not in Cybersecurity

Next Post

Omada Training and Certification

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.