Breaking News

Security Affairs newsletter Round 342

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition
HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes
IKEA hit by a cyber attack that uses stolen internal reply-chain emails
Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware
Threat actors target crypto and NFT communities with Babadeda crypter
Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices
APT C-23 group targets Middle East with an enhanced Android spyware variant
New Linux CronRAT hides in cron jobs to evade detection in Magecart attacks
Several GoDaddy brands impacted in recent data breach
Iranian threat actors exploit MS MSHTML bug to steal Google and Instagram credentials
FBI warns of crooks targeting online shoppers during the holiday season
VMware addresses File Read and SSRF flaws in vCenter Server
A vulnerable honeypot exposed online can be compromised in 24 hours
Apple sues NSO Group for abusing state-sponsored Pegasus spyware
Expert discloses details of flaws in Oracle VirtualBox
Malware are already attempting to exploit new Windows Installer zero-day
Android.Cynos.7.origin trojan infected +9 million Android devices
Experts warn of RCE flaw in Imunify360 security platform
Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug
Expert disclosed an exploit for a new Windows zero-day local privilege elevation issue
US govt warns critical infrastructure of ransomware attacks during holidays
New GoDaddy data breach impacted 1.2 million customers
Utah Imaging Associates data breach impacts 583,643 patients
Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite
New Memento ransomware uses password-protected WinRAR archives to block access to the files
US SEC warns investors of ongoing fraudulent communications claiming from the SEC
Experts found 11 malicious Python packages in the PyPI repository
Researchers were able to access the payment portal of the Conti gang
Attackers compromise Microsoft Exchange servers to hijack internal email chains

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
Tags: Cybersecuritycybersecurity newsHackinghacking newsinformation security newsPierluigi PaganiniSecurity AffairsSecurity News
3 years ago

Recent Posts

A bug in Chrome Password Manager caused user credentials to disappear

Google addressed a Chrome's Password Manager bug that caused user credentials to disappear temporarily for…

2 hours ago

BIND updates fix four high-severity DoS bugs in the DNS software suite

The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS…

13 hours ago

Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks.…

18 hours ago

Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server

Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report…

1 day ago

Critical bug in Docker Engine allowed attackers to bypass authorization plugins

A critical flaw in some versions of Docker Engine can be exploited to bypass authorization…

1 day ago

Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers

The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers…

2 days ago

This website uses cookies.