Title: Italian City of Palermo Shuts Down all Systems to Fend off Cyberattack
Date Published: June 6, 2022
Excerpt: “The municipality of Palermo in Southern Italy suffered a cyberattack on Friday, which appears to have had a massive impact on a broad range of operations and services to both citizens and visiting tourists. Palermo is home to about 1.3 million people, the fifth most populous city in Italy. The area is visited by another 2.3 million tourists every year.”
Title: Another Nation-State Actor Exploits Microsoft Follina to Attack European and US Entities
Date Published: June 6, 2022
https://securityaffairs.co/wordpress/131992/apt/nation-state-actors-follina-exploits.html
Excerpt: “An alleged nation-state actor is attempting to exploit the recently disclosed Microsoft Office Follina vulnerability in attacks aimed at government entities in Europe and the U.S. On May 31, Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite.”
Title: The Costs and Damages of DNS attacks
Date Published: June 6, 2022
https://www.helpnetsecurity.com/2022/06/06/dns-attacks-impact/
Excerpt: “EfficientIP has announced the findings of its eighth annual 2022 Global DNS Threat Report, conducted by IDC, which reveals the damaging impact Domain Name System (DNS) attacks have had on global organizations’ operations over the past 12 months. The report uncovers how despite 73% of organizations knowing that DNS security is critical to their business, cyber criminals are still infiltrating the network and causing significant business disruption, resulting in the shutdown of cloud and on-premise applications and theft of data.”
Title: Atlassian Issues Patch for Critical Confluence Zero-Day
Date Published: June 4, 2022
https://www.bankinfosecurity.com/atlassian-issues-patch-for-critical-confluence-zero-day-a-19199
Excerpt: “Atlassian has issued a patch for its Confluence workspace collaboration tool, which is being targeted in the wild with a zero-day vulnerability that gives attackers unauthenticated remote code execution privileges. The vulnerability, tracked as CVE-2022-26134, has a CVSS score of 10 out of 10 for criticality.”
Title: Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
Date Published: June 6, 2022
https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html
Excerpt: “Microsoft’s Digital Crimes Unit (DCU) last week disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium in connection with a spear-phishing operation. The adversarial collective is said to have targeted entities in tech, transportation, government, and education sectors located in the U.S., Middle East, and India.”
Title: FDA Urges Patch of Illumina Devices with Three Critical Flaws Ranked 10 in Severity
Date Published: June 3, 2022
Excerpt: “Providers should ‘immediately download and install’ a patch for certain Illumina devices, which the manufacturer issued last month. The software update fixes critical flaws in a range of devices that could put patient safety at risk, according to an FDA letter to the healthcare sector.”
Title: Evasive Phishing Mixes Reverse Tunnels and URL Shortening Services
Date Published: June 5, 2022
Excerpt: “Security researchers are seeing an uptick in the use of reverse tunnel services along with URL shorteners for large-scale phishing campaigns, making the malicious activity more difficult to stop. This practice deviates from the more common method of registering domains with hosting providers, who are likely to respond to complaints and take down the phishing sites.”
Title: Red TIM Research Discovers a Command Injection with a 9,8 score on Resi
Date Published: June 6, 2022
https://securityaffairs.co/wordpress/131985/security/resi-critical-command-injection.html
Excerpt: “An OS Command Injection has been detected, which has been identified by NIST as a Critical one; its score is 9,8. This vulnerability comes from a failure to check the parameters sent as inputs into the system before they are processed by the server. Due to the lack of user input validation, an attacker can ignore the syntax provided by the software and inject arbitrary system commands with the user privileges of the application.”
Title: Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor
Date Published: June 3, 2022
https://thehackernews.com/2022/06/chinese-luoyu-hackers-using-man-on-side.html
Excerpt: “An ‘extremely sophisticated’ Chinese-speaking advanced persistent threat (APT) actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that’s delivered by means of man-on-the-side attacks. ‘This groundbreaking development allows the actor to modify network traffic in-transit to insert malicious payloads,’ Russian cybersecurity company Kaspersky said in a new report. ‘Such attacks are especially dangerous and devastating because they do not require any interaction with the target to lead to a successful infection.’”
Title: Bored Ape Yacht Club, Otherside NFTs Stolen in Discord Server Hack
Date Published: June 4, 2022
Excerpt: “Hackers reportedly stole over $257,000 in Ethereum and thirty-two NFTs after the Yuga Labs’ Bored Ape Yacht Club and Otherside Metaverse Discord servers were compromised to post a phishing scam. Earlier this morning, the Discord account for a Yuga Labs community manager was allegedly hacked to post a phishing scam on the company’s Discord servers.”