Get Ahead of Cyber Threats Newsletter

Weekly Threat Pulse (2/1)

If you’re feeling overwhelmed by the constant flood of cyber threats you read about every day, this newsletter gives you a taste of what Fletch does for you.

Below are some of the trending threats Fletch featured last week.

Want to simply and automatically know what cyber threats matter to you every day? Join the waitlist for Fletch.

Let’s review the top threats from last week:


1. Early Bird Catches the Wormhole: Observations from the StellarParticle Campaign

Criticality Level: CRITICAL

  • TL;DR: CrowdStrike identified forensic evidence that showed the entire attack path: browsing to a target user’s Chrome and DPAPI directories via an administrative share, installing the Cookie Editor extension, and using Chrome to impersonate the targeted user in the victim’s cloud tenants.
  • Malware: WORMHOLE, GoldMax, TrailBlazer

2. Apple fixes new zero-day exploited to hack macOS, iOS devices

Criticality Level: CRITICAL

  • TL;DR: Apple has released security updates to fix two zero-day vulnerabilities, with one publicly disclosed and the other exploited in the wild by attackers to hack into iPhones and Macs.
  • CVEs: CVE-2022-22587, CVE-2022-22594

3. APT27 Hacker Group Infiltrates Business Networks with HyperBro Backdoor

Criticality Level: CRITICAL

  • TL;DR: This active campaign is targeting German commercial organizations, with the attackers using the HyperBro remote access trojan (RAT) to backdoor their networks.
  • Malware: HyperBro

4. VMware: Patch Horizon servers against ongoing Log4j attacks!

Criticality Level: CRITICAL

  • TL;DR: VMware urges customers to patch critical Log4j security vulnerabilities impacting Internet-exposed VMware Horizon servers targeted in ongoing attacks.
  • Malware: NightSky

5. PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)

Criticality Level: CRITICAL

  • TL;DR: The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution.
  • CVEs: CVE-2021-4034