Download newsletter here. To receive these direct to your inbox, sign up here.

1- Microsoft Patches Zero-Day Bug That Allowed Remote Execution on Windows Machines

In Microsoft’s latest Patch Tuesday update this week, Microsoft patched a zero-day bug that allowed remote execution on Windows machines and which is already being exploited in the wild. CVE-2022-22047 is an elevation of privilege vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS),…

2- $8million Worth of Ethereum Stolen in Large Scale Uniswap Phishing Campaign

During an attack earlier this week, Uniswap, a popular decentralised cryptocurrency exchange, lost close to $8million worth of Ethereum. The cyberattack has impacted many investors in digital assets. The threat actors used the lure of free UNI tokens (airdrops) to trick victims into approving a tran…

3- Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

If you’re a Naked Security Pocast listener, you may remember, back in March 2022, that we spoke about a convicted cybercriminal from Canada by the name of Sebastien Vachon-Desjardins. By all accounts, he was part of several so-called Ransomware-as-a-Service (RaaS) gangs, such as REvil and NetWalker,…

4- Q&A: The lesser role VPNs now play for enterprises, SMBs — in a post-pandemic world

During the first two decades of this century, virtual private networks —VPNs—served as a cornerstone of network security. Related: Deploying human sensors VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secu…