1 min read

Monthly Security Bulletin – November 2022

Learn more about the latest Cybersecurity news in the November edition of our monthly Security bulletin, prepared by our Senior Security Analysts.

November hot topics:

  1. Over 1,000 iOS apps found exposing hardcoded AWS credentials
  2. Facebook Has No Idea What Data It Has
  3. GIFShell attack creates reverse shell using Microsoft Teams GIFs
  4. Phishing page embeds keylogger to steal passwords as you type
  5. Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs
  6. Relay Attack against Teslas
  7. Zoom is down, users unable to sign in or join meetings
  8. New malware bundle self-spreads through YouTube gaming videos
  9. Microsoft Edge’s News Feed ads abused for tech support scams
  10. Massive Data Breach at Uber
  11. VMware, Microsoft warn of widespread Chromeloader malware attacks
  12. MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches
  13. 2K Games says hacked help desk targeted players with malware
  14. Okta: Credential stuffing accounts for 34% of all login attempts
  15. Unpatched 15-year old Python bug allows code execution in 350k projects
  16. Microsoft: Exchange servers hacked via OAuth apps for phishing
  17. Microsoft SQL servers hacked in TargetCompany ransomware attacks
  18. Leaking Passwords through the Spellchecker
  19. Hackers use PowerPoint files for ‘mouseover’ malware delivery
  20. New Erbium password-stealing malware spreads as game cracks, cheats
  21. New NullMixer dropper infects your PC with a dozen malware families
  22. New malware backdoors VMware ESXi servers to hijack virtual machines
  23. Microsoft confirms new Exchange zero-days are used in attacks

Your browser does not support PDFs. Download the PDF