Security Affairs newsletter Round 387
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
News
CommonSpirit hospital chains hit by ransomware, patients are facing problems
CommonSpirit, one of the largest hospital chains in the US, suffered a ransomware cyberattack that impacted its operations. Common Spirit,...
Lloyd’s of London investigates alleged cyber attack
Lloyd’s of London launched on Wednesday an investigating into a possible cyber attack after having detected unusual activity on its...
BlackByte Ransomware abuses vulnerable driver to bypass security solutions
The BlackByte ransomware operators are leveraging a flaw in a legitimate Windows driver to bypass security solutions. Researchers from Sophos...
Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
Threat actors are exploiting an unpatched severe remote code execution vulnerability in the Zimbra collaboration platform. Researchers from Rapid7 are...
TOP 10 unattributed APT mysteries
Targeted attack attribution is always a tricky thing, and in general, we believe that attribution is best left to law...
VMware fixed a high-severity bug in vCenter Server
VMware this week addressed a severe vulnerability in vCenter Server that could lead to arbitrary code execution. VMware on Thursday...
How Will the Metaverse Affect Cloud Security?
The metaverse is an immersive digital world of augmented reality. While supporting a virtual universe relies on cloud storage, questions...
Fortinet urges customers to immediately fix a critical authentication bypass flaw in FortiGate and FortiProxy
Fortinet addressed a critical authentication bypass vulnerability that impacted FortiGate firewalls and FortiProxy web proxies. Fortinet addressed a critical authentication...
Hacker stole $566 million worth of Binance Coins from Binance Bridge
Threat actors have stolen 2 million Binance Coins (BNB), worth $566 million, from the popular Binance Bridge. Hackers have reportedly...
LilithBot Malware, a new MaaS offered by the Eternity Group
Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a...
A look at the 2020–2022 ATM/PoS malware landscape
During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale...
LilithBot Malware, a new MaaS offere by the Eternity Group
Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a...
Watch out, a bug in Linux Kernel 5.19.12 can damage displays on Intel laptops
A bug in Linux Kernel 5.19.12 that was released at the end of September 2022 can potentially damage the displays...
Secure Web Gateway (SWG) Security – SASE Part 3
Explore why secure web gateway (SWG) is important to effectively secure cloud resources and reduce cyber risk across the attack...
Cyber Hygiene: 5 Tips for Company Buy-In
Good cyber hygiene starts with buy-in from across the enterprise. Discover how CISOs can establish a company-wide security culture to...
Cisco fixed two high-severity bugs in Communications, Networking Products
Cisco fixed high-severity flaws in some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. Cisco announced...
City of Tucson Data Breach impacted 123,500 individuals
The City of Tucson, Arizona disclosed a data breach, the incident was discovered in May 2022 and impacted 123,500 individuals....
19-Year-Old man arrested for misusing leaked record from Optus Breach
The Australian Federal Police (AFP) arrested a 19-year-old teen from Sydney for attempting to use data from the Optus data...
“Egypt Leaks” – Hacktivists are Leaking Financial Data
Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt, Resecurity, a California-based cybersecurity...
Uncommon infection and malware propagation methods
Introduction We are often asked how targets are infected with malware. Our answer is nearly always the same: (spear) phishing....
Avast releases a free decryptor for some Hades ransomware variants
Avast released a free decryptor for variants of the Hades ransomware tracked as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt,’ ....
How Water Labbu Exploits Electron-Based Applications
In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using...
US-CERT Bulletin (SB22-276):Vulnerability Summary for the Week of September 26, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
