Security Affairs newsletter Round 262

Pierluigi Paganini May 03, 2020

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

Coronavirus-themed attacks April 19 – April 25, 2020
Crooks target US universities with malware used by nation-state actors
Hackers exploit SQL injection zero-day issue in Sophos firewall
Group-IB helps to detain operators of scam-service issuing fake passes to move around Moscow amid COVID-19 virus lockdown
Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns
Hacking Microsoft Teams accounts with a GIF image
Previously undetected VictoryGate Botnet already infected 35,000 devices
Shade Ransomware gang shut down operations and releases 750K decryption keys
100k+ WordPress sites exposed to hack due to a bug in Real-Time Find and Replace plugin
Experts warn of deliveries scams that use a COVID-19 theme
Outlaw is Back, a New Crypto-Botnet Targets European Organizations
PhantomLance, a four-year-long cyberespionage spying campaign
SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE
Adobe addresses several critical flaws in Illustrator, Bridge, and Magento
Estonian intelligence reports foreign hackers breached Mail.ee email provider
Google found zero-click vulnerabilities in Apples multimedia processing components
Journalist Matthew Keys is now charged with an attack on a magazine
Chegg discloses the third data breach in the last two years
Crooks spread malware via pirated movies during COVID-19 outbreak
EventBot, a new Android mobile targets financial institutions across Europe
Experts found critical flaws in 3 popular e-Learning WordPress Plugins
Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide
RDP brute-force attacks rocketed since beginning of COVID-19
COVID-19 disinformation and misinformation campaigns continue to proliferate
Europol analyses on criminal operations in Europe during COVID-19 Crisis
Hackers are targeting recently patched WebLogic security vulnerability
Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR
Over 800K WordPress sites are at risk due to a flaw in Ninja Forms plugin
Fake Microsoft Teams notifications aim at stealing Office365 logins
French daily Le Figaro leaks 7.4 Billion records
President Trumps executive order bans foreign electrical equipment from national power grid
TrickBot operators exploit COVID-19 as lures

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment