Security Affairs newsletter Round 377

Rate this post

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reportsSlack resets passwords for about 0.5% of its users due to the exposure of salted password hashesTwitter confirms zero-day used to access data of 5.4 million accountsThe popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increasesDHS warns of critical flaws in Emergency Alert System encoder/decoder devicesCISA adds Zimbra email bug to Known Exploited Vulnerabilities CatalogMysterious threat actor TAC-040 used previously undetected Ljl BackdoorNew Linux botnet RapperBot brute-forces SSH serversNew Woody RAT used in attacks aimed at Russian entities
Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction
Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visitHackers stole $200 million from the Nomad crypto bridgeCisco addressed critical flaws in Small Business VPN routersPower semiconductor component manufacturer Semikron suffered a ransomware attackManjusaka, a new attack tool similar to Sliver and Cobalt StrikeGoogle fixed Critical Remote Code Execution flaw in AndroidBusting the Myths of Hardware Based SecurityVMware fixed critical authentication bypass vulnerabilityLockBit 3.0 affiliate sideloads Cobalt Strike through Windows Defender
Gootkit AaaS malware is still active and uses updated tactics
Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.Australian man charged with creating and selling the Imminent Monitor spywareA flaw in Dahua IP Cameras allows full take over of the devicesUS Federal Communications Commission (FCC) warns of the rise of smishing attacksThreat actor claims to have hacked European manufacturer of missiles MBDA17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malwareSecurity Affairs newsletter Round 376 by Pierluigi PaganiniNorth Korea-linked SharpTongue spies on email accounts with a malicious browser extension

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 377 appeared first on Security Affairs.

Leer másSecurity Affairs


advisor pick´S post

More Latest Published Posts