IT Security Weekend Catch Up – February 5, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. North Korea hacked him. So he took down its Internet
  2. FBI confirms it obtained NSO’s Pegasus spyware
  3. Billionaire Facebook investor Peter Thiel secretly funded a ‘cyber warfare’ startup that hacked WhatsApp
  4. iPhone flaw exploited by second Israeli spy firm-sources
  5. Cryptocurrency platform Wormhole hacked for an estimated $322 million
  6. German petrol supply firm Oiltanking paralyzed by cyber attack
  7. Inside Trickbot, Russia’s notorious ransomware gang
  8. Ransomware wants you to like and subscribe, or else
  9. Announcing the public launch of Cloudflare’s bug bounty program
  10. Top-100 npm package maintainers now require 2FA, and additional security-focused improvements to npm
  11. NordVPN and Surfshark announce merger

For the more technical

  1. ESET antivirus bug let attackers gain Windows SYSTEM privileges
  2. An in-depth look at the 23 high-impact vulnerabilities
  3. Operation EmailThief: Active exploitation of zero-day XSS vulnerability in Zimbra
  4. The Samba vulnerability: What is CVE-2021-44142 and how to fix it
  5. Unauthenticated remote code execution in Motorola baby monitors
  6. This NFT logs your IP address
  7. Crime and NFTs: Chainalysis detects significant wash trading and some money laundering in this emerging asset class
  8. Critical vulnerability fixed in Essential Addons for Elementor plugin
  9. Data Centers facing the risk of cyberattacks
  10. CVE-2022-23968: Xerox vulnerability allows unauthenticated users to remotely brick network printers
  11. Telehealth: A new frontier in medicine—and security
  12. Log4j exploit hits again: Vulnerable Unifi Network application (Ubiquiti) at risk
  13. UPnProxy: Eternal Silence (PDF)
  14. Expert analyst insight into North Korean ‘Internet outages’
  15. QNAP: DeadBolt ransomware exploits a bug patched in December
  16. ALPHV (BlackCat) ransomware + more information
  17. StrifeWater RAT: Iranian APT Moses Staff adds new trojan to ransomware operations
  18. PowerLess trojan: Iranian APT Phosphorus adds new PowerShell backdoor for espionage
  19. 1 in 7 ransomware extortion attacks leak critical operational technology information
  20. ACTINIUM targets Ukrainian organizations
  21. Shuckworm continues cyber-espionage attacks against Ukraine
  22. Russia’s Gamaredon aka Primitive Bear APT group actively targeting Ukraine
  23. Analysis of attack against National Games of China systems

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *