Breaking News

Security Affairs newsletter Round 395

newsletternewsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches
Devices from Dell, HP, and Lenovo used outdated OpenSSL versions
Google fixed the eighth actively exploited #Chrome #zeroday this year
Experts investigate WhatsApp data leak: 500M user records for sale
An international police operation dismantled the spoofing service iSpoof
UK urges to disconnect Chinese security cameras in government buildings
RansomExx Ransomware upgrades to Rust programming language
An aggressive malware campaign targets US-based companies with Qakbot to deliver Black Basta Ransomware
Threat actors exploit discontinues Boa web servers to target critical infrastructure
Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site
Ducktail information stealer continues to evolve
Experts claim that iPhone’s analytics data is not anonymous
Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966
Exclusive – Quantum Locker lands in the Cloud
5 API Vulnerabilities That Get Exploited by Criminals
Researcher warns that Cisco Secure Email Gateways can easily be circumvented
Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem
Two Estonian citizens arrested in $575M cryptocurrency fraud scheme
Emotet is back and delivers payloads like IcedID and Bumblebee
Expert published PoC exploit code for macOS sandbox escape flaw
Google won a lawsuit against the Glupteba botnet operators
Google provides rules to detect tens of cracked versions of Cobalt Strike
Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild
PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
Tags: Cybercrimedata breachHackinghacking newsinformation security newsIT Information SecuritymalwareNewsletterPierluigi PaganiniSecurity AffairsSecurity News
3 years ago

Recent Posts

Two Linux flaws can lead to the disclosure of sensitive data

Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…

12 hours ago

Meta stopped covert operations from Iran, China, and Romania spreading propaganda

Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…

1 day ago

US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator

The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…

2 days ago

ConnectWise suffered a cyberattack carried out by a sophisticated nation state actor<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…

2 days ago

Victoria’s Secret ‘s website offline following a cyberattack

Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…

3 days ago

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…

3 days ago