Cybersecurity Weekly: Lapsus$ attacks Uber, NSA and CISA share info on ICS/OT threats, Microsoft Exchange Servers compromised

September 26, 2022 by Ryan Miner

Lapsus$ identified as source of Uber hack, NSA explains ICS/OT threats, and Microsoft Exchange servers compromised. All these and more in this week’s edition of Cybersecurity Weekly.

1. Uber says Lapsus$-linked hacker responsible for breach

Uber said the attacker had not accessed any user accounts and the databases that store sensitive user information such as credit card numbers, bank account or trip details.
Read more »

2. NSA, CISA explain how threat actors plan and execute attacks on ICS/OT

US government agencies have shared a new cybersecurity resource that can help organizations defend critical control systems against threat actors.
Read more »

3. New ransomware variants, tactics rattle financial industry

While ransomware threats are often repackaged versions of older variants, organizations should not let their guard down, experts say.
Read more »

4. Cyberattackers compromise Microsoft Exchange servers via malicious OAuth apps

Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
Read more »

5. Domain shadowing becoming more popular among cybercriminals

The phenomenon of ‘domain shadowing’ might be more prevalent than previously thought, uncovering 12,197 cases while scanning the web between April and June 2022.
Read more »

Posted: September 26, 2022
Ryan Miner
View Profile