Cyber Security weekly hacker news February 1 – 7, 2022

Cyber Security weekly hacker news February 1 – 7, 2022
00:00 intro
00:18 PHISHING
00:20 Massive social engineering waves have impacted banks in several countries
02:20 PATCHES
02:23 Cisco fixes critical flaws in its Small Business Routers
04:08 Trend Micro fixed 2 flaws in Hybrid Cloud Security products
05:22 ESET releases fixes for local privilege escalation bug in Windows Applications
07:23 Attacks, Vulnerabilities & Updates
07:28 LockBit ransomware gang claims to have stolen data from PayBito crypto exchange
08:16 Over 500,000 people were impacted by a ransomware attack that hit Morley
09:12 Ransomware attack hit Swissport International causing delays in flights
10:21 A nation-state actor hacked media and publishing giant News Corp
10:55 Retail giant Target open sources Merry Maker e-skimmer detection tool
12:05 Russia-linked Gamaredon APT targeted a western government entity in Ukraine
15:25 Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor
17:00 Microsoft blocked tens of billions of brute-force and phishing attacks in 2021
18:04 Antlion APT group used a custom backdoor that allowed them to fly under the radar for months
20:33 Oil terminals in Europe’s biggest ports hit by a cyberattack
21:29 Wormhole cryptocurrency platform hacked, crooks stole $326 million, the second-biggest hack of a DeFi platform
23:41 Researcher found an Information Disclosure in the Brave browser
24:06 Sugar Ransomware, a new RaaS in the threat landscape
25:09 Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op
27:09 Experts found 23 flaws in UEFI firmware potentially impact millions of devices
28:27 British Council exposed 144,000 files containing student details
29:14 A cyber attack severely impacted the operations of German petrol distributor Oiltanking GmbH
30:09 Iran-linked MuddyWater APT group campaign targets Turkish entities
32:28 RCE in WordPress plugin Essential Addons for Elementor impacts hundreds of thousands of websites
33:42 Samba fixed CVE-2021-44142 remote code execution flaw
35:23 Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform
36:41 Hybrid cloud campaign OiVaVoii targets company executives
38:23 Novel device registration trick enhances multi-stage phishing attacks
40:06 Other Security News
40:08 FBI issued a flash alert on Lockbit ransomware operation
43:04 CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw
44:28 Thanks for watching