Security Affairs newsletter Round 258

Pierluigi Paganini April 05, 2020

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Coronavirus-themed attacks March 22 – March 28, 2020
FIN7 hackers target enterprises with weaponized USB drives via USPS
Source code of Dharma ransomware now surfacing on public hacking forums
Crooks leverage Zooms popularity in Coronavirus outbreak to serve malware
Voter information for 4,934,863 Georgians leaked online
Your colleague was infected with Coronavirus, this is the latest phishing lure
Zeus Sphinx spam campaign attempt to exploit Coronavirus outbreak
42 million records of Iranian users of unofficial Telegram fork leaked online
A critical flaw in Rank Math WordPress plugin allows hackers to give users Admins privileges
FBI warns of nation-state actors using the Kwampirs malware
Holy water targets religious figures and charities in Asia
Marriott discloses data breach impacting up to 5.2 Million guests
Microsoft Edge will warn users if their credentials have been compromised
Experts published PoC exploits for CVE-2020-0796 privilege escalation flaw on Windows
LimeRAT malware delivered using 8-year-old VelvetSweatshop trick
New Raccoon Stealer uses Google Cloud Services to evade detection
Vollgar botnet has managed to infect around 3k MSSQL DB servers daily
Zoom client for Windows could allow hackers to steal usersWindows password
Crooks use tainted Zoom apps to target users at home due to Coronavirus outbreak
Hackers exploited IE and Firefox flaws in attacks on entities in China, Japan
Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks
New COVID19 wiper overwrites MBR making computers unusable
100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack
Hacking iPhone or MacBook devices by tricking into visiting a site
Magecart group 7 use new e-skimmer to steal payment data
Open Cloud Database Exposes 200 Million Americans
Twitter discloses privacy issue that caused caching of files sent via DMs in Firefox
Firefox 74.0.1 addresses two zero-days exploited in the wild
Microsofts case study: Emotet took down an entire network in just 8 days New Coronavirus-themed campaign spread Lokibot worldwide
[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment