- Security News:
- Hackers Using Malicious OAuth Apps to Take Over Email Servers [Ravie Lakshmanan, The Hacker News]
- Windows 11 22H2 causing gaming issues for some NVIDIA users [Sergiu Gatlan, Bleeping Computer]
- American Airlines Hacked – Email Accounts Compromised to Gain Personal Data Access [BALAJI N, GBHackers]
- Hackers stealing GitHub accounts using fake CircleCI notifications [Bill Toulas, Bleeping Computer]
- Crypto Hack Let Hackers Stolen $160 Million From Crypto Firm Wintermute [Balaji N, Cyber Security News]
- LastPass Hacked – Attackers Had Access to Internal Systems for Four Days [Guru, Cyber Security News]
- Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime [BU CERT, BU CERT]
- Phishing and Malware
- Zoom Users Beware: New Malware Spreading Disguised as Legitimate Zoom Application [Balaji N, Cyber Security News]
- Malwarebytes blocks Google, YouTube as malware [Jessica Lyons Hardcastle, The Register]
- 2K Games helpdesk hacked to spread malware to players [Sead Fadilpašić, TechRadar]
- A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit ransomware gang. [Pierluigi Paganini, Security Affairs]
- EvilProxy phishing-as-a-service with MFA bypass emerged on the dark web [Resecurity, Help Net Security]
- 1,900 phone numbers of Signal users accessed in phishing attack [ETtech, The Economic Times]
- Vulnerabilities & Patches:
- Hackers Exploit WebLogic Vulnerabilities to Deliver Cryptocurrency-Mining Malware [GURUBARAN S, GBHackers]
- Oracle Cloud Infrastructure Vulnerability Exposed Sensitive Data [Ionut Arghire, SecurityWeek]
- Tarfile path traversal bug from 2007 still present in 350k open source repos [Adam Bannister, The Daily Swing]
- NETGEAR resolves router vulnerabilities in bundled gaming component [Adam Bannister, EasyWay]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F
![[TI: logo for TI accredited teams]](../assets/img/TI-Accredited_120x120.jpg)
![[FIRST.org Logo]](../assets/img/first-org-simple.png)