A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
Kaspersky released a new decryptor for Conti-based ransomwareUS govt agencies released a joint alert on the Lockbit 3.0 ransomwareFeds arrested Pompompurin, the alleged owner of BreachForumsHitachi Energy breached by Clop gang through GoAnywhere Zero-Day exploitationHinataBot, a new Go-Based DDoS botnet in the threat landscapeTop 5 Insider Threats to Look Out For in 2023China-linked APT likely linked to Fortinet zero-day attacksBaseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hackMicrosoft sheds light on a year of Russian hybrid warfare in Ukraine
Polish intelligence dismantled a network of Russian spiesMultiple threat actors exploited Progress Telerik bug to breach U.S. federal agencyCISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities CatalogRussia-linked APT29 abuses EU information exchange systems in recent attacksYoroTrooper APT group targets CIS countries and embassiesCrowdStrike discovered the first-ever Dero cryptocurrency mining campaignSecurity Firm Rubrik breached by Clop gang through GoAnywhere Zero-Day exploitationKey aerospace player Safran Group leaks sensitive dataLockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum IndustriesMicrosoft Patch Tuesday fix Outlook zero-day actively exploited
Adobe fixed ColdFusion flaw listed as under active exploitDEV-1101 AiTM phishing kit is fueling large-scale phishing campaignsAdvanced actor targets Fortinet FortiOS in attacks on govt entitiesDissecting the malicious arsenal of the Makop ransomware gangGolang-Based Botnet GoBruteforcer targets web serversCISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities CatalogDark Pink APT targets Govt entities in South AsiaThe risk of pasting confidential company data into ChatGPTAcronis states that only one customer’s account has been compromised. Much ado about nothing
Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 411 by Pierluigi Paganini appeared first on Security Affairs.
Read MoreSecurity Affairs
