Monthly Security Bulletin – December 2022
Learn more about the latest Cybersecurity news in the December edition of our monthly Security bulletin, prepared by our Senior Security Analysts.
December hot topics:
- Microsoft fixes critical RCE flaw affecting Azure Cosmos DB
- Dropbox discloses breach after hacker stole 130 GitHub repositories
- New Crimson Kingsnake gang impersonates law firms in BEC attacks
- RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam
- As Twitter brings on $8 fee, phishing emails target verified accounts
- Microsoft sued for open-source piracy through GitHub Copilot
- Malicious extension lets attackers control Google Chrome remotely
- Lenovo fixes flaws that can be used to disable UEFI Secure Boot
- 15,000 sites hacked for massive Google SEO poisoning campaign
- Worok hackers hide new malware in PNGs using steganography
- DuckDuckGo now lets all Android users block trackers in their apps
- Failures in Twitter’s Two-Factor Authentication System
- Successful Hack of Time-Triggered Ethernet
- Exploit released for actively abused ProxyNotShell Exchange bug
- Google Chrome extension used to steal cryptocurrency, passwords
- Apple’s Device Analytics Can Identify iCloud Users
- Pro-Russian hacktivists take down EU Parliament site in DDoS attack
- Trigona ransomware spotted in increasing attacks worldwide
- Cybersecurity researchers take down DDoS botnet by accident
