Monthly Security Bulletin – January 2023
Learn more about the latest Cybersecurity news in the January edition of our monthly Security bulletin, prepared by our Senior Security Analysts.
January hot topics:
- Hyundai app bugs allowed hackers to remotely unlock, start cars
- Sirius XM Software Vulnerability
- ConnectWise Quietly Patches Flaw That Helps Phishers
- New CryWiper data wiper targets Russian courts, mayor’s offices
- Sneaky hackers reverse defense mitigations when detected
- Massive DDoS attack takes down Russia’s second-largest bank VTB
- Rackspace says ransomware is behind four-day Exchange outage
- Antivirus and EDR solutions tricked into acting as data wipers
- Cisco discloses high-severity IP phone zero-day with exploit code
- New Python malware backdoors VMware ESXi servers for remote access
- Microsoft finds macOS bug that lets malware bypass security checks
- Okta’s source code stolen after GitHub repositories hacked
- Critical Microsoft Code-Execution Vulnerability
- Hackers exploit bug in WordPress gift card plugin with 50K installs
- Hacker claims to be selling Twitter data of 400 million users
- New info-stealer malware infects software pirates via fake cracks sites
- EarSpy attack eavesdrops on Android phones via motion sensors
- Hackers steal $8 million from users running trojanized BitKeep apps
- Thousands of Citrix servers vulnerable to patched critical flaws
- Hackers abuse Google Ads to spread malware in legit software
- Google Home speakers allowed hackers to snoop on conversations
