Here are this week’s highlights in cybersecurity:

  • New crypto mining malware was discovered targeting AWS lambda. More
  • The recent Spring4Shell vulnerability was observed being exploited in the wild and deploying Mirai. More
  • Nginx released an advisory detailing mitigations for a recently disclosed vulnerability in their LDAP plugin. More
  • Android malware is able to hijack phone calls to bank customer support. More
  • Microsoft takes down domains used by the Advanced-Persistent-Threat known as Strontium or APT28. More
  • PCI DSS standard was updated to version 4.0 and it includes requirements designed to guard against Magecart style attacks. More
  • Malware tied to APT group HAFNIUM uses hidden scheduled task for persistence. More
  • DOE, CISA, FBI & NSA released a joint advisory about an Advanced-Persistent-Threat targeting SCADA systems. More
  • Attackers sit for months in government network before another attacker groups deploys ransomware. More
  • Microsoft took action against Zloader botnet which was based on the Zeus banking trojan. More

Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.