Daily Cyber Brief
Microsoft releases patches for 68 vulnerabilities, 15,000 sites hacked for massive Google SEO campaign, and AgentTesla RAT is most prolific malware of October...
Cybersecurity
Microsoft on Tuesday released fixes for 68 vulnerabilities – 11 of them critical – including two zero days known together as “ProxyNotShell”. Cybersecurity experts told The Record many of the vulnerabilities are currently being exploited in the wild by hackers. According to Spurti…
Hackers are conducting a massive black hat search engine optimization (SEO) campaign by compromising almost 15,000 websites to redirect visitors to fake Q&A discussion forums. The attacks were first spotted by Sucuri, who says that each compromised site contains…
No instances of digital interference are known to have affected the counting of the midterm vote after a tense Election Day in which officials were closely monitoring domestic and foreign threats. A few state and local governments appeared to be hit by a relatively…
Info-stealing malware accounted for the three most widespread variants in October, comprising nearly a fifth (16%) of global detections, according to Check Point. The security vendor’s Global Threat Index for October 2022 is compiled from hundreds of millions of its…
A malicious browser extension that works on both Google Chrome and Microsoft Edge allows attackers to remotely take over someone's browser session and carry out a full range of attacks. It's built to steal cookies and other info, mine cryptocurrency, install malware, or take over…
The Global Industrial Control Systems (ICS) Security Market is projected to grow from USD 16.7 billion in 2022 to USD 23.7 billion by 2027, at a Compound Annual Growth Rate (CAGR) of 7.2% from 2022 to 2027, according to a new report by MarketsandMarkets™. The…
Google this week announced the release of a Chrome 107 update that resolves 10 vulnerabilities, including six high-severity bugs reported by external researchers. Four of the externally reported security defects are use-after-free issues for which Google paid a total of…
The Russia-linked APT29 nation-state actor has been found leveraging a "lesser-known" Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity. "The diplomatic-centric targeting is consistent with Russian…
An updated version of a malware loader codenamed IceXLoader is suspected of having compromised thousands of personal and enterprise Windows machines across the world. IceXLoader is a commodity malware that's sold for $118 on underground forums for a…
Virtualization technology giant VMware joined the Patch Tuesday train this week to deliver urgent security patches to its VMWare Workspace One product. The company published an urgent bulletin (VMSA-2022-0028) with barebones details on at least five documented…