By security practitioners, for security practitioners

Weekly Top Ten Cybersecurity Stories – 4.8.2022

WEEKLY TOP TEN | APRIL 8, 2022 17:54 GMT

Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet. This top 10 has been culled from the 40+ unique stories we found relevant over the week, ranked by highest risk:

  1. Cicada APT Conducting Widespread Cyber Espionage Campaign, Deploying High Complexity Custom Malware and Loaders
    https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-china-ngo-government-attacks
  2. Mailchimp Reports Breach of Hundreds of Emails After Attackers Use Credential Theft to Compromise Internal Tool, Warns of Phishing Attacks
    https://www.bleepingcomputer.com/news/security/hackers-breach-mailchimps-internal-tools-to-target-crypto-customers/
  3. Threat Actors Like LAPSUS$, APT29 And Others Using “Prompt Bombing” To Defeat Push-Based MFA
    https://www.wired.com/story/multifactor-authentication-prompt-bombing-on-the-rise/
  4. Researchers Discover Denonia Cryptominer Malware Targeting AWS Lambda Cloud Environment, Warn of Growth in Cloud-focused Malware Attacks
    https://www.cadosecurity.com/cado-discovers-denonia-the-first-malware-specifically-targeting-lambda/
  5. UK Intelligence Reporting Uptick in Russian Cyberattacks Against NATO and Eastern Europe Amidst Stalling Ukraine War
    https://www.theguardian.com/world/2022/apr/01/russia-ukraine-cyberwar
  6. Dragos Assesses With High Confidence That The Biggest Weakness In European Industrial Operations, Makes Other Key Findings
    https://www.dragos.com/blog/industry-news/assessing-threats-to-european-industrial-infrastructure/
  7. PEAR (PHP Extension and Application Repository) Framework for Reusable PHP Components Discovered to Have Flaws Enabling Supply Chain Attacks
    https://securityaffairs.co/wordpress/129797/hacking/pear-php-critical-flaws.html
  8. Analysis by Intel471 of Conti’s Leaked Chatlogs and Playbook Shows Increasingly IT Company-like Behavior Patterns
    https://intel471.com/blog/conti-leaks-ransomware-development
  9. US Department of Justice Announces A Disruption to the Sandworm APT-linked Cyclops Blink Botnet
    https://securityaffairs.co/wordpress/129911/cyber-warfare-2/us-disrupts-cyclops-blink-botnet.html
  10. US Treasury Department and German Federal Police Shut Down Dark Web Hydra Marketplace In Long-Running Cooperative Campaign
    https://securityaffairs.co/wordpress/129880/cyber-crime/us-treasury-sanctioned-hydra-market.html