A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
Samba addressed multiple high-severity vulnerabilitiesFormer Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi ArabiaSocial Blade discloses security breachData of 5.7M Gemini users available for sale on hacking forumsDecember 16, 2022 By Pierluigi Paganini Posted In Breaking News Cyber Crime Data Breach Hacking CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities CatalogMCCrash botnet targets private Minecraft servers, Microsoft warnsMicrosoft revised CVE-2022-37958 severity due to its broader scopeChinese MirrorFace APT group targets Japanese political entities
Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for saleFBI seized 48 domains linked to DDoS-for-Hire service platformsCrooks use HTML smuggling to spread QBot malware via SVG filesGoTrim botnet actively brute forces WordPress and OpenCart sitesDecember 2022 Patch Tuesday fixed 2 zero-day flawsApple fixed the tenth actively exploited zero-day this year3.5m IP cameras exposed, with US in the leadVMware fixed critical VM Escape bug demonstrated at Geekpwn hacking contestCitrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and GatewayLockbit ransomware gang hacked California Department of Finance
Experts detailed a previously undetected VMware ESXi backdoorTwitter says recently leaked user data are from 2021 breachFortinet urges customers to fix actively exploited FortiOS SSL-VPN bugIndian foreign ministry’s Global Pravasi Rishta portal leaks expat passport detailsCryptomining campaign targets Linux systems with Go-based CHAOS MalwareEvilnum group targets legal entities with a new Janicab variantTrueBot infections were observed in Clop ransomware attacksPwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-daysMuddyWater APT group is back with updated TTPs
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 398 by Pierluigi Paganini appeared first on Security Affairs.
Leer másSecurity Affairs