Security Affairs newsletter Round 308

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to receive the complete weekly Security Affairs Newsletter for free, including the international press, subscribe here.

Experts found two flaws in Facebook for WordPress Plugin

Hackers disrupted live broadcasts at Channel Nine. Is it a Russian retaliation?

QNAP urges users to take action to protect devices against Brute-Force attacks

US Gov Executive Order would oblige to disclose security breach impacting gov users

China-linked RedEcho APT took down part of its C2 domains

Hackers breached the PHP ‘s Git Server and inserted a backdoor in the source code

London-based academies Harris Federation hit by ransomware attack

New Purple Fox version includes Rootkit and implements wormable propagation

Ziggy ransomware admin announced it will refund victims who paid the ransom

30 Docker images downloaded 20M times in cryptojacking attacks

Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations

Hundreds of thousands of projects affected by a flaw in netmask npm package

Reflected XSS Vulnerability In Ivory Search WP Plugin Impact Over 60K sites

VMware addresses SSRF flaw in vRealize Operations that allows stealing admin credentials

Chinese experts earned $20,000 for reporting a Chrome Sandbox Escape

Email accounts of DHS members were compromised in the SolarWinds hack

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

North Korea-linked hackers target security experts again

President Biden extended Executive Order 13694 regarding cyberattack sanctions

Akamai dealt with an 800Gbps ransom DDoS against a gambling company

DeepDotWeb admin pleads guilty to money laundering conspiracy

Ubiquiti security breach may be a catastrophe

US CISA warns of DoS flaws in Citrix Hypervisor

VMware fixed flaws in vROps that can be chained to compromise organizations

VMware fixes authentication bypass in Carbon Black Cloud Workload appliance

Airlift Express Fixes Vulnerabilities in Its E-commerce Store

Conti Ransomware gang demanded $40 million ransom to Broward County Public Schools

DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Man indicted for tampering with public water system in Kansas

Tens of thousands of QNAP SOHO NAS devices affected by unpatched RCEs

TIMs Red Team Research (RTR) team found 5 zero-day flaws in the CA eHealth Performance Manager product

Activision warns of Call of Duty Cheat tool used to deliver RAT

Attackers are abusing GitHub infrastructure to mine cryptocurrency

Capital One discovered more customers SSNs exposed in 2019 hack

Evolution and rise of the Avaddon Ransomware-as-a-Service

If you want to receive the complete weekly Security Affairs Newsletter for free, including the international press, subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Next Malware attack on Applus blocked vehicle inspections in some US states »

Previous « Clop Ransomware operators plunder US universities

Published by

Pierluigi Paganini

Tags: Cybercrimedata breachHackinghacking newsinformation security newsIT Information SecuritymalwareNewsletterPierluigi PaganiniransomwareSecurity AffairsSecurity News

3 years ago

Recent Posts

Security

MITRE revealed that nation-state actors breached its systems via Ivanti zero-days

The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…

6 hours ago

Security

FBI chief says China is preparing to attack US critical infrastructure

China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…

18 hours ago

Cyber Crime

United Nations Development Programme (UNDP) investigates data breach

The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…

21 hours ago

Cyber Crime

FIN7 targeted a large U.S. carmaker with phishing attacks

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…

1 day ago

Hacking

Law enforcement operation dismantled phishing-as-a-service platform LabHost

An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…

2 days ago

Hacking

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…

2 days ago

This website uses cookies.