This Week in Cyberspace (29 January-4 February 2022)
What happened in the cyber world this week? Here is the week's most prominent cybersecurity news.
US Bans Major Chinese Telecom Over National Security Risks
The Federal Communications Commission (FCC) has revoked the license of China Unicom Americas, one of the world's largest mobile service providers, over "serious national security concerns."
EU to Create Pan-European Cyber Incident Coordination Framework
The European Systemic Risk Board (ESRB) proposed a new systemic cyber incident coordination framework that would allow relevant EU authorities to coordinate better when responding to major cross-border cyber incidents impacting the Union's financial sector.
Hackers Are Taking Over CEO Accounts With Rogue OAuth Apps
Threat analysts have observed a new campaign named ‘OiVaVoii’, targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts.
Hackers Using Device Registration Trick to Attack Enterprises with Lateral Phishing
Microsoft has disclosed details of a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices on a victim's network to further propagate spam emails and widen the infection pool.
Windows Vulnerability with New Public Exploits Lets You Become Admin
A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability that allows anyone to gain admin privileges in Windows 10.
Designing Security to Mitigate Growing Ransomware Threats
Ransomware has become a top-of-mind security concern for many organizations. High-visibility ransomware attacks have disrupted supply chains and inspired an Executive Order on Cybersecurity in the United States.
German Court Rules Websites Embedding Google Fonts Violates GDPR
A regional court in the German city of Munich has ordered a website operator to pay €100 in damages for transferring a user's personal data — i.e., IP address — to Google via the search giant's Fonts library without the individual's consent.
Americans Lost $770 Million From Social Media Fraud in 2021, FTC Reports
A report from the US Federal Trade Commission (FTC) revealed that in 2021 Americans lost $770 million to social media fraud.
CISA Adds 8 Vulnerabilities to List of Actively Exploited Bugs
The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they're a mix of old and new.
Security Vulnerability Detected in WordPress Plugin Elementor
Essential Addons for Elementor, a popular WordPress plugin used in over a million sites, has been found to have a critical remote code execution (RCE) vulnerability in version 5.0.4 and older.
Cloudflare Launches a Paid Public Bug Bounty Program
Cloudflare, an American company focused on web infrastructure and website security, has announced the launch of a new public bug bounty program.
ESET Antivirus Bug Let Attackers Gain Windows SYSTEM Privileges
Slovak internet security firm ESET released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and above.
Wormhole Cryptocurrency Platform Hacked to Steal $326 Million
Hackers have exploited a vulnerability in the Wormhole cross-chain crypto platform to steal $326 million in cryptocurrency.
Zimbra Zero-Day Vulnerability Actively Exploited to Steal Emails
A cross-site scripting (XSS) Zimbra security vulnerability is actively exploited in attacks targeting European media and government organizations.
Intuit Warns of Phishing Emails Threatening to Delete Accounts
Accounting and tax software provider Intuit has notified customers of an ongoing phishing campaign impersonating the company and trying to lure victims with fake warnings that their accounts have been suspended.