Security Affairs newsletter Round 354

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

CISA compiled a list of free cybersecurity tools and services
White House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRU
UpdraftPlus WordPress plugin update forced for million sites
Google Privacy Sandbox promises to protect user privacy online
Iran-linked TunnelVision APT is actively exploiting the Log4j vulnerability
CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager
Researchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bug
Threat actors leverage Microsoft Teams to spread malware
Specially crafted emails could crash Cisco ESA devices
European Data Protection Supervisor call for bans on surveillance spyware like Pegasus
New Kraken botnet is allowing operators to earn USD 3,000 every month
Nation-state actors hacked Red Cross exploiting a Zoho bug
Russia-linked threat actors breached US cleared defense contractors (CDCs)
Trickbot targets customers of 60 High-Profile companies
Experts disclose details of Apache Cassandra DB RCE
CISA added 9 new flaws to the Known Exploited Vulnerabilities Catalog, including Magento e Chrome bugs
VMware fixes flaws demonstrated at Chinese Tianfu Cup hacking contest
Ukraine: Military defense agencies and banks hit by cyberattacks
QNAP extends security Updates for some EOL devices
BlackCat gang claimed responsibility for Swissport ransomware attack
Google fixes a Chrome zero-day flaw actively exploited in attacks
Remote sex toys might spice up your love life – but crooks could also get a kick out of them
SSU: Russia-linked actors are targeting Ukraine with ‘massive wave of hybrid warfare’
BlackByte ransomware breached at least 3 US critical infrastructure organizations
European Central Bank tells banks to step up defences against nation-state attacks
Critical Magento zero-day flaw CVE-2022-24086 actively exploited
Alleged ransomware attack disrupted operations at Slovenia’s Pop TV station
Organizations paid at least $602 million to ransomware gangs in 2021
San Francisco 49ers NFL team discloses BlackByte ransomware attack
Analyzing Phishing attacks that use malicious PDFs

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini: Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

This website uses cookies.