Security Affairs newsletter Round 404 by Pierluigi Paganini

Pierluigi Paganini January 29, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Copycat Criminals mimicking Lockbit gang in northern Europe
Sandworm APT targets Ukraine with new SwiftSlicer wiper
ISC fixed high-severity flaws in DNS software suite BIND
Patch management is crucial to protect Exchange servers, Microsoft warns
Hacker accused of having stolen personal data of all Austrians and more
CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack
BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer
UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups
An unfaithful employee leaked Yandex source code repositories
Hive Ransomware Tor leak site apparently seized by law enforcement
Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)
Zacks Investment Research data breach impacted hundreds of thousands of customers
Google Chrome 109 update addresses six security vulnerabilities
North Korea-linked TA444 group turns to credential harvesting activity
French rugby club Stade Français leaks source code
DragonSpark threat actor avoids detection using Golang source code Interpretation
VMware warns of critical code execution bugs in vRealize Log Insight
Pakistan hit by nationwide power outage, is it the result of a cyber attack?
GoTo revealed that threat actors stole customers’ backups and encryption key for some of them
FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist
Meta Platforms expands features for EE2E on Messenger App
CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog
Researcher found US ‘No Fly List’ on an unsecured server
Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads
Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code
Companies impacted by Mailchimp data breach warn their customers
Massive Ad fraud scheme VASTFLUX targeted over 11 million devices
Video game firm Riot Games hacked, now it faces problems to release content
Expert found critical flaws in OpenText Enterprise Content Management System
Roaming Mantis uses new DNS changer in its Wroba mobile malware

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)



you might also like

leave a comment