Security Affairs newsletter Round 373 by Pierluigi Paganini

Pierluigi Paganini July 10, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

Apple Lockdown Mode will protect users against highly targeted cyberattacks
Fortinet addressed multiple vulnerabilities in several products
Rozena backdoor delivered by exploiting the Follina bug
Ongoing Raspberry Robin campaign leverages compromised QNAP devices
Evolution of the LockBit Ransomware operation relies on new techniques
Cisco fixed a critical arbitrary File Overwrite flaw in Enterprise Communication solutions
Emsisoft: Victims of AstraLocker and Yashma ransomware can recover their files for free
Discussing the risks of bullying for anonymous social app NGL
Russian Cybercrime Trickbot Group is systematically attacking Ukraine
New Checkmate ransomware target QNAP NAS devices
Large-scale cryptomining campaign is targeting the NPM JavaScript package repository
North Korea-linked APTs use Maui Ransomware to target the Healthcare industry
ENISA released the Threat Landscape Methodology
OrBit, a new sophisticated Linux malware still undetected
OpenSSL version 3.0.5 fixes a flaw that could potentially lead to RCE
Marriott International suffered a new data breach, attackers stole 20GB of data
Cyberattacks against law enforcement are on the rise
Less popular, but very effective, Red-Teaming Tool BRc4 used in attacks in the wild
New Hive ransomware variant is written in Rust and use improved encryption method
Iranian Fars News Agency claims cyberattack on a company involved in the construction of Tel Aviv metro
Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict
Threat actors compromised British Army ’s Twitter, YouTube accounts to promote crypto scams
AstraLocker ransomware operators shut down their operations
Google fixes the fourth Chrome zero-day in 2022
Data of a billion Chinese residents available for sale on a cybercrime forum
Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!
Unfaithful HackerOne employee steals bug reports to claim additional bounties
Threat Report Portugal: Q2 2022
CISA orders federal agencies to patch CVE-2022-26925 by July 22
Tens of Jenkins plugins are affected by zero-day vulnerabilities
Microsoft: Raspberry Robin worm already infected hundreds of networks

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment