Breaking News

Security Affairs newsletter Round 410 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

PlugX malware delivered by exploiting flaws in Chinese programs
Prometei botnet evolves and infected +10,000 systems since November 2022
CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities Catalog
Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man
Latest version of Xenomorph Android malware targets 400 banks
AT&T is notifying millions of customers of data breach after a third-party vendor hack
BMW exposes data of clients in Italy, experts warn
Akamai mitigated a record-breaking DDoS attack that peaked 900Gbps
SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers
Recently discovered IceFire Ransomware now also targets Linux systems
8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks
CloudBees flaws in Jenkins server can lead to code execution
A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!
Veeam warns to install patches to fix a bug in its Backup & Replication product
North Korea-linked Lazarus APT used a 0-day in a recent attack
CISA adds three new bugs to Known Exploited Vulnerabilities Catalog
China-linked APT Sharp Panda targets government entities in Southeast Asia
VMware NSX Manager bugs actively exploited in the wild since
SYS01 stealer targets critical government infrastructure
Acer discloses a new data breach, 160 GB of sensitive data available for sale
Expert released PoC exploit code for critical Microsoft Word RCE flaw
LastPass hack caused by an unpatched Plex software on an employee’s PC
Ransom House ransomware attack hit Hospital Clinic de Barcelona
European police dismantled the DoppelPaymer ransomware gang
US government orders States to conduct cyber security audits of public water systems
Hatch Bank data breach caused by the exploitation of the GoAnywhere MFT zero-day
Colour-Blind, a fully featured info stealer and RAT in PyPI
Credential Stuffing attack on Chick-fil-A impacted +71K users
Play Ransomware gang has begun to leak data stolen from City of Oakland

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
Tags: Cybercrimedata breachHackinghacking newsinformation security newsIT Information SecuritymalwarePierluigi PaganiniSecurity AffairsSecurity News
1 year ago

Recent Posts

CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog

CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…

9 hours ago

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…

15 hours ago

DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions

The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…

16 hours ago

Google fixed critical Chrome vulnerability CVE-2024-4058

Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…

21 hours ago

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…

1 day ago

Hackers hijacked the eScan Antivirus update mechanism in malware campaign

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…

2 days ago

This website uses cookies.