Information from Friday afternoon to Saturday afternoon.
News/Intelligence/IOCs Stories
- CERT/CC Releases Information on Spring4Shell Vulnerability – LINK
- Spring4Shell: critical vulnerability in Spring Java framework – LINK
- Beastmode botnet boosts DDoS power with new router exploits – LINK
- Threat Roundup for March 25 to April 1 – LINK
- British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group – LINK
- American Express users locked out for HOURS: no login, no payments – LINK
Regulation Related Stories
- What You Need to Know About PCI DSS 4.0’s New Requirements – LINK
Russia/Ukraine War Related Stories
- Russian-linked Android malware records audio, tracks your location – LINK
- Ukraine intelligence leaks names of 620 alleged Russian FSB agents – LINK
- Ukraine, Conti, and the law of unintended consequences – LINK
New Vulnerability Related
- Trend Micro fixes actively exploited remote code execution bug – (CVE-2022-26871) – LINK
- Critical CVE-2022-1162 flaw in GitLab allowed threat actors to take over accounts – (CVE-2022-1162) – LINK
- 15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks – LINK
New Breach Related Stories
- (Partnership HealthPlan of California) – Hive ransomware impacts California non-profit health organisation – LINK