Cyber Weekly Digest - 2022 Week #6

In this week’s Cyber Weekly Digest, we take a look at the three ransomware strains which have had their decryption keys posted online, as well as the latest vulnerabilities to be patched by Microsoft and Apple. Keep reading to stay up to date on the biggest cyber security stories from the week.

1. Puma suffers a data breach following a third-party ransomware attack.

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December. The data breach notification says the attackers also stole personal information belonging to Puma employees and their dependents from the Kronos Private Cloud environment before encrypting the data.

2. No critical vulnerabilities were patched in this month’s Patch Tuesday.

The February Microsoft Patch Tuesday sees just 51 vulnerabilities fixed, which is considerably low compared to the typical Patch Tuesday. On top of this, there are no “critical” fixes or active exploits this month. However, Microsoft addressed one zero-day this month: CVE-2022-21989, a Windows Kernel elevation-of-privilege vulnerability.

3. Apple patches an actively exploited new WebKit zero-day vulnerability.

Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. The zero-day patched to