TheCyberThrone week in review – August 13th 2022
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings . This review is for the week ending Saturday, August 13th, 2022.
In an event important data (PII) belongs to the users of Amex and Snapchat has been breached and stolen.
Cisco came in to a limelight in many events, first in an security advisory, it fixed numerous bugs in home VPN routers. In another biggest event new comes, Yanlaowang ransomware breached Cisco and exfiltrated 2.8 GB of data.
Rapperbot – Mirai varient bot has been seen bruteforcing in to SSH and affecting Linux systems. Next data breach happens in Goodman Campbell medical Centre in Indiana where patients PHI data breached and stolen.
Next comes, a cross site scripting vulnerabilities persists GMAIL AMP version. Twilio application reached using stolen credential of its users.
The US CISA and the Australian ACSC have published a joint advisory on top malware strains of 2021. In another event that occurred, logokit is used in a phishing campaign exploiting open redirect vulnerabilities.
In another event, Meta has acted against two cyber espionage operations in South Asia namely Bitter APT and APT36. Next, Chinese based threat actors dubbed T428, are used specially crafted phishing emails and six different backdoors (nccTrojan, Logtu, Cotx, and DNSep) to break into and then steal confidential data.
