Invinsense Cybersecurity Newsletter 10-Jan-22

Patch Notes

• Microsoft issues fix for Exchange Y2k22 Bug That Crippled Email Delivery Service

• Google Patches 48 Vulnerabilities With First Set of 2022 Android Updates

• New Apache Log4j Update Released to Patch Newly Discovered Vulnerability

Cyber Attacks

• LastPass: some users report compromised accounts

• Chinese Spies Exploit Log4Shell to Hack Major Academic Institution

• New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping Attacks

Malware and Vulnerabilities

• CrowdStrike Beefs Up Exploit Detection With Intel CPU Telemetry

• Apple iOS vulnerable to HomeKit ‘doorLock’ denial of service bug

• Multiple Vulnerabilities Impact Netgear Nighthawk R6700 Routers

Cyber Tech

• SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts

• Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations

• Privacy-focused Brave browser records massive growth in 2021