This Week in Cyberspace (22-28 January 2022)
What happened in the cyber world this week? Here is the week's prominent cyber security news.
Two-Fifths of Ransomware Victims Still Paying Up
Two-fifths (39%) of ransomware victims paid their extorters over the past three years, with the majority of these spending at least $100,000, according to new Anomali research.
Over 90 WordPress Themes, Plugins Backdoored in Supply Chain Attack
A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites.
Microsoft Disables Excel 4.0 Macros by Default to Block Malware
Microsoft has announced that Excel 4.0 (XLM) macros will now be disabled by default to protect customers from malicious documents.
A Bug in McAfee Agent Allows Running Code with Windows SYSTEM Privileges
McAfee addressed a security flaw in its McAfee Agent software for Windows that allows running arbitrary code with SYSTEM privileges.
Dutch Cybersecurity Agency Warns of Lingering Log4j Risks
In a warning issued on Thursday, the Dutch National Cybersecurity Centre (NCSC) says organizations should still be aware of risks connected to Log4j attacks and remain vigilant for ongoing threats.
CISA Adds 17 Vulnerabilities to List of Bugs Exploited in Attacks
This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog.'
Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on Ukraine
Latest analysis into the wiper malware that targeted dozens of Ukrainian agencies earlier this month has revealed "strategic similarities" to NotPetya malware that was unleashed against the country's infrastructure and elsewhere in 2017.
Microsoft Tests a New "Rejuvenated" Windows 11 Task Manager, How to Enable?
Microsoft is testing a new hidden feature in the latest Windows 11 preview build that rejuvenates the user interface for Task Manager with a new design and modern appearance.
Malicious PowerPoint Files Used to Push Remote Access Trojans
Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans.
CWP Bugs Allow Code Execution as Root on Linux Servers, Patch Now!
Two security vulnerabilities that impact the Control Web Panel (CWP) software can be chained by unauthenticated attackers to gain remote code execution (RCE) as root on vulnerable Linux servers.
Google Sued for Allegedly Deceiving Users Over Location Data
A three-year-long investigation into Google’s privacy practices prompted four separate lawsuits filed on Monday by the attorneys general of the District of Columbia, Texas, Washington, and Indiana, claiming that the tech giant misled users by continuing to track their information even when told not to.
EU to Fund Bug Bounty Programs for LibreOffice, Mastodon, Three Others
The European Union will fund a bug bounty program for five open source projects that are heavily used by public services across the EU.
Linux Kernel Bug Can Let Hackers Escape Kubernetes Containers
A vulnerability affecting the Linux kernel and tracked as CVE-2022-0185 can be used to escape containers in Kubernetes, giving access to resources on the host system.
Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
Cybersecurity researchers on Tuesday took the wraps off a multi-stage espionage campaign targeting high-ranking government officials overseeing national security policy and individuals in the defense industry in Western Asia.
VMware: Patch Horizon Servers Against Ongoing Log4j Attacks!
VMware urges customers to patch critical Log4j security vulnerabilities impacting Internet-exposed VMware Horizon servers targeted in ongoing attacks.
Windows 11 KB5008353 Cumulative Update Preview Released
Microsoft has released the optional KB5008353 Preview cumulative update for Windows 11 with 39 fixes or improvements.
Let's Encrypt is Revoking Lots of SSL Certificates in Two Days
Let's Encrypt will begin revoking certain SSL/TLS certificates issued within the last 90 days starting January 28, 2022. The move could impact millions of active Let's Encrypt certificates.
Apple Fixes New Zero-Day Exploited to Hack macOS, iOS Devices
Apple has released security updates to fix two zero-day vulnerabilities, with one publicly disclosed and the other exploited in the wild by attackers to hack into iPhones and Macs.
Linux Version of LockBit Ransomware Targets VMware ESXi Servers
In a new report, Trend Micro researchers analyzed the ransomware gang's Linux encryptor and explained how it's used to target VMware ESXi and vCenter installations.
Microsoft Mitigated a Record 3.47 Tbps DDoS Attack on Azure Users
Microsoft says its Azure DDoS protection platform mitigated a massive 3.47 terabits per second (Tbps) distributed denial of service (DDoS) attack targeting an Azure customer from Asia in November.
BotenaGo Botnet Code Leaked to GitHub
The malware had already put millions of routers and IoT devices at risk, and now any noob can have at it.
Taiwanese Apple and Tesla Contractor Hit by Conti Ransomware
Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning.
QNAP Force-Installs Update After DeadBolt Ransomware Hits 3,600 Devices
QNAP force-updated customers' Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices.