Weekly Highlights - December 22nd

December 22, 2023

Weekly Highlights - December 22nd

News and cybercrime updates selected by Certego

Google fixes 8th Chrome zero-day exploited in attacks this year

#Vulnerabilities

Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, the eighth patched since the start of the year.

Explore details: read more

ALPHV/BlackCat

#Threat Actors

The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation (FBI).

Explore details: read more

Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims

#Threat Actors

The US Justice Department announced today a disruption campaign against the Blackcat/ALPHV ransomware group and let victims know that there is a decryptor they can use.

Explore details: read more

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers

#Threat Actors

Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners on Linux and Windows hosts by exploiting known vulnerabilities.

Explore details: read more

The “2023 CWE Top 10 KEV Weaknesses” list, which lists the top ten CWEs in the Cybersecurity and Infrastructure Security Agency’s (CISA) “Known Exploited Vulnerabilities (KEV) Catalog,” is now available

#Research

This list, providing additional information that organizations can use in their efforts to mitigate risk, was announced by the Homeland Security Systems Engineering and Development Institute. It is sponsored by the Department of Homeland Security and operated by the non-profit MITRE.