TheCyberThrone week in review – July 30th 2022

Welcome to TheCyberThrone. Starting today, cybersecurity week in review will be blogged covering the important security happenings . This review is for the week ending Saturday, July 30th, 2022.

While starting the week, Zeroday existed in Google has been exploited by an Isreali spyware company Candiru. Drupal has patched critical vulnerabilities that persisted in its products.

Next comes the DoJ’s major seizure of bitcoins that payed as a ransom to Maui ransomware operators. While a biggest malware identified in Linux named lightning framework.

Advertisements

Ducktail operation that affects Facebook ads has been brought in to limelight by the researchers. Messaging apps such as telegram, Discord infrastructure has been used to launch sophisticated attacks.

CrowdStrike came up with advances in his threat hunting portfolio, while NIST releases the latest draft of HIPPA security rules.

OpenXchange has fixed RCE vulnerabilities in its products. The news of Microst IIS server is being used as a backdoor in exchange servers came as a major threat to security world.

Last week Atlassian Confluence has fixed a critical zeroday in its Question for Confluence app, that time its not much popular , but this week this vulnerability become threat actors sweet spot. They started exploiting in wild. Admins/Customers of Atlassian keep an eye on it.

On varying Russian attacks, Ukraine has signed a MoU with CISAand joined hands to fight against cyber threats. In another event a new threat named LofyLife seen stealing Discord tokens.

During this month Microsoft has announced blocking macros, a heaven for threat actors. Soon after the news, Attackers switched to various other form of initial threat vectors for using in their attacks.