WEEKLY CYBERSECURITY NEWSLETTER NO: 222

#WeeklyCybersecurityTip: Run effective phishing tests regularly for your employees.

Jun 6, 2022 8:28 am

1- Yet another zero-day (sort of) in Windows “search URL” handling

Just as the dust started to settle on the weirdly-named Follina vulnerability… … along came another zero-day Windows security hole. Sort of. We’re not convinced that this one is quite as dramatic or as dangerous as some of the headlines seem to suggest (which is why we carefully added the words “sor…

2- Malware-Infested Smart Card Reader

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them. But by all accounts, the potential attack surface here is enormous, as many federal employees clearly will purchase these readers fro…

3- Linux-based Ransomware Cheerscrypt Attacks VMware ESXi Servers

There has been an appearance in the cybercrime universe of a new ransomware attack dubbed ‘Cheers.’ It targets the VMware ESXi servers that have been found to be vulnerable. There are many large organizations and large companies in the world that use virtualization platforms such as VMware ESXi, mak…

4- Biometric mobile payments set to exceed $1 trillion

Remote mobile payments authenticated by biometrics are predicted to reach $1.2 trillion by 2027, according to a new study. In its paper Mobile Payment Biometrics: Key Opportunities, Regional Analysis & Market Forecasts 2022-2027 , Juniper Research has predicted a 365% rise in the value of biometric …