Here are the most relevant headlines of the week:
An analysis of a malicious campaign in which distribution of a new backdoor exploiting the well-known Follina vulnerability (CVE-2022-30190) was detected, has been published by Fortinet researchers.
The name of this new malware is Rozena. Its function is to inject a reverse shell into the attacker’s host, allowing malicious actors to take control of the victim’s system. It also enables monitoring and information capture, and/or maintaining a backdoor to the compromised system.
Segurança Informatica, a Portuguese media outlet has published details of a new wave of the persistent phishing campaign, which uses the Anubis Network portal to set up its attacks and has been active since March 2022.
The affected users are mainly in Portugal and Brazil and receive smishing or phishing messages from financial services.
Security researcher Gafnit Amiga has discovered several security flaws in the authentication process of AWS IAM Authenticator, a component for Kubernetes used by Amazon Elastic Kubernetes Service (EKS).
An upgrade to AWS IAM Authenticator for Kubernetes version 0.5.0. is recommended for customers who manage their own clusters and use the “AccessKeyID” parameter of the authenticator plugin.
A new version of vCenter Server 7.0 3f has recently been published by VMware which corrects, eight months later, a vulnerability in the integrated authentication mechanism with Windows discovered by Crowdstrike and with CVE-2021-22048.
The company has provided mitigation measures for those who are unable to upgrade to the latest patched version.
The bulletin for the month of July that Microsoft has published fixes a total of 84 vulnerabilities where one actively exploited 0-day is included. In the total number of detected flaws: