IT Security Weekend Catch Up – May 13, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Who cares what the public think? UK public attitudes to regulating data and data-driven technologies
  2. Thousands of popular websites see what you type – before you hit submit
  3. 10 GB database exposing VPN users dumped (for free) on Telegram
  4. Ukrainian sentenced to 4 years for selling hacked passwords
  5. Ransomware attack hits production facilities of agricultural equipment giant AGCO
  6. Costa Rica declares national emergency after Conti ransomware attacks
  7. Canadian fighter jet training company investigating ransomware attack
  8. Colonial Pipeline facing $1,000,000 fine for poor recovery plans
  9. Germany still not affected by Russia-linked cyberattacks
  10. Google Chrome updates failing on Android devices in Russia
  11. Google: Shared success in building a safer open source community

For the more technical

  1. F5 iControl REST endpoint authentication bypass technical deep dive
  2. Critical F5 BIG-IP vulnerability exploited to wipe devices
  3. CVE-2022-30525 (FIXED): Zyxel firewall unauthenticated remote command injection
  4. Microsoft May 2022 Patch Tuesday
  5. SMM callouts in HP products
  6. Hundreds of thousands of Konica printers vulnerable to hacking via physical access
  7. How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access
  8. Common LinkedIn scams: Beware of phishing attacks and fake job offers
  9. Dirty deeds done dirt cheap: Russian RAT offers backdoor bargains
  10. Nerbian RAT using COVID-19 themes features sophisticated evasion techniques
  11. IceApple: A novel Internet Information Services (IIS) post-exploitation framework (PDF)
  12. New tool release: Discovering the origin host to bypass web application firewalls
  13. Info-stealer campaign targets German car dealerships and manufacturers
  14. npm supply chain attack targets Germany-based companies with dangerous backdoor malware
  15. Sophos: The state of ransomware 2022 (PDF)
  16. Kaspersky: New ransomware trends in 2022
  17. Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
  18. Welcome “Frappo” – The new Phishing-as-a-Service used by cybercriminals to attack customers of major financial institutions and online-retailers
  19. The pervasive nature of credit card skimmers
  20. Ukraine warns of “chemical attack” phishing pushing stealer malware
  21. Overview of the 9 distinct data wipers used in the Ukraine war (PDF)
  22. APT34 targets Jordan Government using new Saitama backdoor
  23. Please confirm you received our APT
  24. Cobalt Mirage conducts ransomware operations in U.S.

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
