Cyber security week in review: June 17, 2022
The cyber security world in brief: Microsoft patched Follina zero-day, Travis CI API exposes thousands of secret user access tokens, and more.
Cybersecurity News - Page 262
Chinese APT exploited Sophos Firewall zero-day vulnerability weeks before fix
The exploitation of a zero-day bug began on March 5, 2022, three weeks before the patch was released.
2,000 suspected scammers arrested, $50M seized in international police operation
The operation, codenamed First Light 2022, was focused on social engineering fraud.
Cybercriminals attack servers using old Telerik UI vulnerabilities
Using tree old bugs, the hackers install Cobalt Strike beacons and deploy Monero miners on servers.
New Hertzbleed side-channel attack allows to extract cryptographic keys from remote servers
Both Intel and AMD have no plans to release microcode patches to address Hertzbleed.
Microsoft June 2022 Patch Tuesday includes much anticipated fix for Windows MSDT zero-day
June 2022 Patch Tuesday resolves over 50 bugs affecting various Microsoft's products.
Record-breaking HTTPS DDoS attack generated 26 million request per second
The attack originated from a small but powerful botnet of 5,067 devices which generated approximately 5,200 requests per second.
Suspected Iranian hackers targeted former Israeli officials, US ambassador
The goal of the operation was to collect personal information, passport scans, and access to email accounts.
BlackCat ransomware affiliates use unpatched Exchange servers to sneak into networks
Microsoft said at least two known affiliates are now adopting BlackCat: FIN12 and DEV-0504.
Fancy Lazarus demanded $250K ransom from Ukrainian mobile operator Kyivstar to avoid DDoS attack
After the company refused to pay the ransom, the hackers launched a massive DDoS attack against Kyivstar, which reached a size of 1.5 tbps.
Showing elements 2611 - 2620