Vulnerabilities
- Two WhatsApp remote code execution vulnerabilities patched (CVE-2022-36934 and CVE-2022-27492)
- Two Whatsapp vulnerabilities allow for remote code execution via video call
- 7 vulnerabilities identified in InsydeH2O UEFI firmware that would allow persistent access to devices from major companies
- Severe vulnerability detected in Measuresoft ScadaPro Server (CVE-2022-3263) that would allow execution of malicious commands
- Memory corruption vulnerability in the uClibC library (CVE-2022-29503) affects Unix-based devices
- Several serious vulnerabilities detected in Dataprobe's iBoot PDUs that could allow devices to be exploited remotely
- More than 39,000 unauthenticated Redis instances on the internet targeted by a cryptocurrency mining campaign
- Atlassian Confluence vulnerability (CVE-2022-26134) used to deploy cryptominers and other malware
- Critical vulnerability in Oracle Cloud Infrastructure could allow unauthorised access to users' cloud storage
- Multiple Linux Kernel Vulnerabilities Identified
- High severity vulnerabilities found in Harbor open source artifact registry
- Netgear routers affected by vulnerability in FunJSQ game acceleration module
- More than 1,000 iOS apps detected exposing AWS credentials embedded in code
- Phishing campaign targets Instagram users by persuading them with verifying their accounts
- Google Chrome fixes 24 critical vulnerabilities
- Microsoft finds flaw in android app TikTok that allows attackers to hijack accounts
- Microsoft Azure suffers crash after Ubuntu update glitch
- Remote execution of unauthenticated code on a range of DrayTek Vigor routers
- VMware recommends administrators patch a critical authentication bypass vulnerability (CVE-2022-31656)
- 17 vulnerabilities detected in TCL LinkHub Mesh Wi-Fi system
Cybersecurity
- Data on 197,000 patients leaked from US healthcare management company Physician's Business Office
- Auth0 authentication service provider warns of theft of some source code repositories
- 3 hacktivist groups identified as working under the command of the Russian General Intelligence Directorate (GRU)
- Malaysian telecommunications company RedOne victim of DESORDEN group
- US branch of Israeli defence contractor Elbit suffers data breach
- Threat actors impersonate CircleCI platform to compromise GitHub accounts in phishing campaign
- Dozens of apps discovered on Google Play and App Store involved in ad fraud
- French hospital Corbeil-Essonnes suffers data breach after being compromised by ransomware
- Chile's judiciary claims to have been hit by ransomware that has affected computers running Windows 7 and McAfee antivirus
- Massive operation uncovered charging illicit credit card funds through dating and customer service websites
- Anonymous claims to have leaked more than 300,000 Russian reservist data from Russian defence ministry website
- Ukraine claims to have dismantled a pro-Russian group that had stolen and sold data on 30 million people from the EU and Ukraine
- Indian healthcare software provider's Elasticsearch server exposes Covid test results of domestic and foreign nationals
- Australian security company Optus claims to have suffered a breach affecting customer data
- DESORDEN group leaks more Indonesian company data
- Disgruntled developer leaks builder of new LockBit ransomware cryptor
- Cybercriminals steal $162 million from cryptocurrency marketplace maker Wintermute
- Hive ransomware claims cyberattack on New York racing association
- Kiwi Farms internet forum suffers breach, potentially revealing a wealth of user data
- American Airlines suffers data breach after employee email compromise
Malware
- Quantum Builder is being used by threat actors to deliver the RAT Agent Tesla
- Bl00dy ransomware starts using LockBit 3.0 leaked builder in its attacks
- New Chaos botnet attacks and infects Windows and Linux devices to mine cryptocurrencies and launch DDoS attacks
- Microsoft Sway is abused for phishing and malware delivery
- New Erbium infostealer distributed via fake popular video games targeting cryptocurrency theft
- Ransomware operators add data wiping to their extortion techniques
- NullMixer, the new tool for spreading malware via malicious websites used in multiple campaigns
- Cybercriminals use 'mouseover' event in PowerPoint presentations for malware delivery
- Vulnerable Microsoft SQL servers targeted in new wave of FARGO ransomware attacks
- Malicious OAuth applications used to compromise email servers and spread spam
- Malicious NPM discovered masquerading as legitimate software library for Material Tailwind
- Fake Zoom apps found downloading Vidar Stealer malware
- Threat actors abuse LinkedIn's Smart Links feature in phishing campaign
- Two-step phishing attack uses Powtoon Video to steal credentials
- New phishing campaign impersonating governments and embassies targets Russian and Chinese government targets
- Russian Sandworm group impersonates telecommunications providers to target Ukrainian entities
- New large-scale click-fraud campaign targets gamers by deploying malicious extensions
- Hive ransomware claims claim to cyberattack on Bell Canada subsidiary
- Russia-linked APT group Gamaredon targets Ukraine with a new infostealer
- Actors behind Ragnar Locker ransomware target the energy sector
We promote the transformation of business and society through innovative solutions and services, putting people at the center.
Indra is one of the leading global technology and consulting companies: the technology partner for key operations of client businesses worldwide.