A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.
Critical flaw in Netwrix Auditor application allows arbitrary code executionCISA urges to fix multiple critical flaws in Juniper Networks productsThreat actors exploit a flaw in Digium Phone Software to target VoIP serversTainted password-cracking software for industrial systems used to spread P2P Sality botExperts warn of attacks on sites using flawed Kaswara Modern WPBakery Page Builder AddonsHoly Ghost ransomware operation is linked to North KoreaRedAlert, LILITH, and 0mega, 3 new ransomware in the wild Mantis botnet powered the largest HTTPS DDoS attack in JuneThe new Retbleed speculative execution attack impacts both Intel and AMD chipsFormer CIA employee Joshua Schulte was convicted of Vault 7 massive leak
Microsoft published exploit code for a macOS App sandbox escape flawVMware fixed a flaw in vCenter Server discovered eight months agoQakbot operations continue to evolve to avoid detectionThree UEFI Firmware flaws found in tens of Lenovo Notebook modelsLarge-scale AiTM phishing campaign targeted +10,000 orgs since 2021￼The President of European Central Bank Christine Lagarde targeted by hackersFlaws in the ExpressLRS Protocol allow the takeover of dronesMicrosoft announced the general availability of Windows Autopatch featureCloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VMA fake job offer via LinkedIn allowed to steal $540M from Axie Infinity
Anubis Networks is back with new C2 serverBlackCat (aka ALPHV) Ransomware is Increasing Stakes up to $2,5M in DemandsExperts warn of the new 0mega ransomware operationExperts demonstrate how to unlock several Honda models via Rolling-PWN attackFrench telephone operator La Poste Mobile suffered a ransomware attack
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 374 by Pierluigi Paganini appeared first on Security Affairs.
Leer másSecurity Affairs