Weekday Digest – 4/7/2022 (Thursday)

Information from Wednesday afternoon to Thursday morning. News/Intelligence/IOCs Stories CISA Adds Three Known Exploited Vulnerabilities to Catalog – LINK Nearly Two-Thirds of Ransomware Victims Paid Ransoms Last Year, Finds “2022 Cyberthreat Defense Report” – LINK WatchGuard waited 11 months to explicitly disclose critical flaw exploited by Sandworm – LINK New FFDroider malware steals Facebook, Instagram, […]

Updates as of 4/1/2022

News/Intelligence/IOCs Stories New AcidRain data wiper malware targets modems and routers – LINK Chinese hacking group uses new ‘Fire Chili’ Windows rootkit – LINK Researchers used a decommissioned satellite to broadcast hacker TV – LINK Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks – LINK The Windows Update policies you should set and why […]

Lasso Library vulnerability found impacting Cisco, Akami and Linux

LINK “This vulnerability potentially allowed actors with access to a well-formed SAML response for an organization–typically authenticated users, but potentially compromised endpoints or malicious proxies–to modify their identity and impersonate another user within the same organization,” Akamai explained.