1 min read

Monthly Security Bulletin – December 2022

Learn more about the latest Cybersecurity news in the December edition of our monthly Security bulletin, prepared by our Senior Security Analysts.

December hot topics:

  • Microsoft fixes critical RCE flaw affecting Azure Cosmos DB
  • Dropbox discloses breach after hacker stole 130 GitHub repositories
  • New Crimson Kingsnake gang impersonates law firms in BEC attacks
  • RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam
  • As Twitter brings on $8 fee, phishing emails target verified accounts
  • Microsoft sued for open-source piracy through GitHub Copilot
  • Malicious extension lets attackers control Google Chrome remotely
  • Lenovo fixes flaws that can be used to disable UEFI Secure Boot
  • 15,000 sites hacked for massive Google SEO poisoning campaign
  • Worok hackers hide new malware in PNGs using steganography
  • DuckDuckGo now lets all Android users block trackers in their apps
  • Failures in Twitter’s Two-Factor Authentication System
  • Successful Hack of Time-Triggered Ethernet
  • Exploit released for actively abused ProxyNotShell Exchange bug
  • Google Chrome extension used to steal cryptocurrency, passwords
  • Apple’s Device Analytics Can Identify iCloud Users
  • Pro-Russian hacktivists take down EU Parliament site in DDoS attack
  • Trigona ransomware spotted in increasing attacks worldwide
  • Cybersecurity researchers take down DDoS botnet by accident

Your browser does not support PDFs. Download the PDF