Security Affairs newsletter Round 256

Pierluigi Paganini March 22, 2020

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

BlackWater, a malware that uses Cloudflare Workers for C2 Communication
Coronavirus-themed attacks February 1 – March 15, 2020
Massive cyber attack hit the town hall of Marseille ahead local election
Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks
A cyberattack hits the US Department of Health and Human Services
Aerial Direct, the O2s largest UK partner suffered a data breach
Experts warn of a new strain of ransomware, the PXJ Ransomware
MonitorMinor, the outstanding stalkerware can track Gmail, WhatsApp, Instagram, and Facebook
Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw
Open Exchange Rates discloses a security breach
Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections
Corporate Finance firms leak 500K+ legal and financial documents online
Most ransomware attacks take place outside the working hours
Operators behind Nefilim Ransomware threaten to release stolen data
The parabola of a prolific cyber-criminal known as Dton
Ursnif campaign targets Italy with a new infection Chain
Adobe releases out-of-band patches for critical issues in Acrobat Reader, Photoshop, Bridge, ColdFusion
Cisco addresses multiple issues in its SD-WAN product
Thousands of Coronavirus-related malicious domains are being created every day
Trend Micro addresses two issues exploited by hackers in the wild
TrueFire Guitar tutoring website was hacked, financial data might have been exposed
VMware fixes high severity privilege escalation and DoS in its products
CERT France – Pysa ransomware is targeting local governments
Coronavirus news used by Emotet and Trickbot to evade detection
Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations
Is APT27 Abusing COVID-19 To Attack People ?!
Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS
Drupal addresses two XSS flaws by updating the CKEditor
Pwn2Own 2020 – Participants hacked Adobe Reader, Oracle VirtualBox, and Windows
Russia-linked APT28 has been scanning vulnerable email servers in the last year
UK printing company Doxzoo exposed US and UK military docs
Healthcare sector targeted : what you need to know about the hackers very unusual strategy
Mukashi, the new Mirai variant that targets Zyxel NAS
New Coronavirus-themed attack uses fake WHO chief emails
UK Fintech company Finastra hit by a cyber attack
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment