Threatpost Latest Cyberattack Against Iran Part of Ongoing Campaign Iran's steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country's rail system. Google Patches Actively Exploited Chrome Bug The heap buffer overflow issue in the browser's WebRTC engine could allow attackers to execute arbitrary code. ZuoRAT Can Take Over Widely Used SOHO Routers Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor. A Guide to Surviving a Ransomware Attack Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture. Leaky Access Tokens Exposed Amazon Photos of Users Hackers with Amazon users' authentication tokens could've stolen or encrypted personal photos and documents. Patchable and Preventable Security Issues Lead Causes of Q1 Attacks Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks. Top Six Security Bad Habits, and How to Break Them Shrav Mehta, CEO, Secureframe, outlines the top six bad habits security teams need to break to prevent costly breaches, ransomware attacks and prevent phishing-based endpoint attacks. Mitel VoIP Bug Exploited in Ransomware Attacks Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victim's environments. ‘Killnet’ Adversary Pummels Lithuania with DDoS Attacks Over Blockade Cyber collective Killnet claims it won't let up until the Baltic country opens trade routes to and from the Russian exclave of Kaliningrad. Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers. Distributed by aarss.com.