- Security News:
- Log4j: How hackers are using the flaw to deliver this new ‘modular’ backdoor [Liam Tung, ZDNet]
- Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps [Ax Sharma, Bleeping Computer]
- Ransomware Group That Targeted Over 50 Companies Dismantled in Ukraine [Eduard Kovacs, SecurityWeek]
- New Vulnerabilities Highlight Risks of Trust in Public Cloud [Robert Lemos, Dark Reading]
- Microsoft Defender weakness lets hackers bypass malware detection [Ionut Ilascu, Bleeping Computer]
- Vulnerabilities & Patches:
- ‘Wormable’ Flaw Leads January 2022 Patch Tuesday [Brian Krebs, Krebs on Security]
- Cisco fixes a critical flaw in Unified CCMP and Unified CCDM [Pierluigi Paganini, Security Affairs]
- CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities [Jake Baines, Rapid7]
- KCodes NetUSB kernel remote code execution flaw impacts millions of devices [Charlie Osborne, ZDNet]
- Breaches & Leaks:
- TransCredit exposed financial data of half a million Americans and Canadians [Waqas, HackRead]
- Cyberattack shuts down Albuquerque schools; county copes with ransomware incident [Jonathan Greig, ZDNet]
- Hot wallet hack: Hackers steal $18.7m from Animoca’s Lympo NTF platform [Waqas, HackRead]
- Others:
- Admins report Hyper-V and domain controller issues after first Patch Tuesday of 2022 [Richard Speed, The Register]
- Kaspersky warns of ‘highly unusual’ spyware campaign [ITWeb]
- Teen hacker finds bug that lets him control 25+ Teslas remotely [Jonathan M. Gitlin, Ars Technica]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F