Security Affairs newsletter Round 399 by Pierluigi Paganini

Pierluigi Paganini December 25, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Expert found Backdoor credentials in ZyXEL LTE3301 M209
Raspberry Robin malware used in attacks against Telecom and Governments
TikTok parent company ByteDance revealed the use of TikTok data to track journalists
BetMGM discloses security breach impacting 1.5 Million customers
An Iranian group hacked Israeli CCTV cameras, defense was aware but didn’t block it
LastPass revealed that encrypted password vaults were stolen
Vice Society ransomware gang is using a custom locker
A new Zerobot variant spreads by exploiting Apache flaws
North Korea-linked hackers stole $626 million in virtual assets in 2022
Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers
Okta revealed that its private GitHub repositories were hacked this month
Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days
German industrial giant ThyssenKrupp targeted in a new cyberattack
UAC-0142 APT targets Ukraine’s Delta military intelligence program
Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
Old vulnerabilities in Cisco products actively exploited in the wild
Experts spotted a variant of the Agenda Ransomware written in Rust
Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers
Okta revealed that its private GitHub repositories were hacked this month
Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days
German industrial giant ThyssenKrupp targeted in a new cyberattack
UAC-0142 APT targets Ukraine’s Delta military intelligence program
Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
Old vulnerabilities in Cisco products actively exploited in the wild
Experts spotted a variant of the Agenda Ransomware written in Rust
US Gov warns of BEC attacks to hijack shipments of food products
Glupteba botnet is back after Google disrupted it in December 2021
Google announced end-to-end encryption for Gmail web
Fire and rescue service in Victoria, Australia, confirms cyber attack

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment