WEEKLY TOP TEN | SEPTEMBER 30, 2022 18:37 GMT
Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:
- Microsoft Exchange Zero-Day SSRF + RCE Chained Exploits
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-new-exchange-zero-days-are-used-in-attacks/
- Russian APT28 Utilizing Novel Powerpoint-centric Phishing Techniques to Deploy Graphite Malware
https://www.bleepingcomputer.com/news/security/hackers-use-powerpoint-files-for-mouseover-malware-delivery/
- Hackers Achieving Low-Observable Persistence on ESXi Virtual Machines via Malicious vSphere Installation Bundles
https://www.bleepingcomputer.com/news/security/new-malware-backdoors-vmware-esxi-servers-to-hijack-virtual-machines/
- Okta Subsidiary Auth0 Discloses Partial Compromise of Code Repositories
https://www.bleepingcomputer.com/news/security/auth0-warns-that-some-source-code-repos-may-have-been-stolen/
- Small Business-centric FARGO Ransomware Operators Abusing MS-SQL in Recent Campaign
https://www.itpro.co.uk/security/ransomware/369162/fargo-ransomware-targets-vulnerable-microsoft-sql-servers-in-new-wave-of
- Metador APT Discovered After 2-year ISP-focused Infiltration Campaign
https://securityaffairs.co/wordpress/136239/apt/metador-targets-isp-networks.html
- High Potency Multi-Platform Chaos Botnet Malware Discovered by Security Researchers
https://blog.lumen.com/chaos-is-a-go-based-swiss-army-knife-of-malware/
- NullMixer RAT-Dropper Deploying Over a Dozen RATs via Software Cracks and Keygens
https://securelist.com/nullmixer-oodles-of-trojans-in-a-single-dropper/107498/
- Threat Actors Turn Towards Quantum Builder to Evade Detection and Diversify Attack Methodology
https://thehackernews.com/2022/09/cyber-criminals-using-quantum-builder.html
- Bl00dy Ransomware Operator Begins Copycat Campaign in Wake of Lockbit BLACK Source Code Leak
https://securityaffairs.co/wordpress/136345/cyber-crime/bl00dy-ransomware-lockbit-3-encryptor.html