Security Affairs newsletter Round 404 by Pierluigi Paganini

January 29, 2023  By Pierluigi Paganini


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Copycat Criminals mimicking Lockbit gang in northern Europe
Sandworm APT targets Ukraine with new SwiftSlicer wiper
ISC fixed high-severity flaws in DNS software suite BIND
Patch management is crucial to protect Exchange servers, Microsoft warns
Hacker accused of having stolen personal data of all Austrians and more
CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack
BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer
UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups
An unfaithful employee leaked Yandex source code repositories
Hive Ransomware Tor leak site apparently seized by law enforcement
Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)
Zacks Investment Research data breach impacted hundreds of thousands of customers
Google Chrome 109 update addresses six security vulnerabilities
North Korea-linked TA444 group turns to credential harvesting activity
French rugby club Stade Français leaks source code
DragonSpark threat actor avoids detection using Golang source code Interpretation
VMware warns of critical code execution bugs in vRealize Log Insight
Pakistan hit by nationwide power outage, is it the result of a cyber attack?
GoTo revealed that threat actors stole customers’ backups and encryption key for some of them
FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist
Meta Platforms expands features for EE2E on Messenger App
CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog
Researcher found US ‘No Fly List’ on an unsecured server
Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads
Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code
Companies impacted by Mailchimp data breach warn their customers
Massive Ad fraud scheme VASTFLUX targeted over 11 million devices
Video game firm Riot Games hacked, now it faces problems to release content
Expert found critical flaws in OpenText Enterprise Content Management System
Roaming Mantis uses new DNS changer in its Wroba mobile malware

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Watch out! Experts plans to release VMware vRealize Log RCE exploit next week

 Horizon3's Attack Team made the headlines again announcing the release of a PoC exploit code for remote code execution in VMware...