Security Affairs newsletter Round 106 – News of the week

Pierluigi Paganini April 09, 2017

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog
http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html

·      Android Chrysaor spyware went undetected for years
·      UEFI Vulnerabilities allow to fully compromise Gigabyte Mini PCs
·      Joining the dots between the ancient Moonlight Maze espionage campaigns and the Turla APT
·      Cyber Risk and Cyber Insurance – Insurance challenge to the CIO as corporate Cyber Security Effectiveness manager
·      Japan plans to develop a hack-proof satellite system
·      Attackers can siphon data from Splunk Enterprise if an authenticated user visits a malicious webpage
·      Linux Kernel vulnerability CVE-2017-7184 disclosed at Pwn2Own 2017 fixed
·      Phishing campaigns target airline consumers seeking business credentials
·      Forcepoint spotted the modular Felismus RAT, it appears the work of skilled professionals
·      95,000 job seekers affected by the McDonalds Canada data breach
·      Still problems for Schneider Electric, Schneider Modicon TM221CE16R has a hardcoded password
·      Download and install the last iOS 10.3.1, attackers can hack you over Wi-Fi
·      South Korean users targeted with a new stealthy malware, the ROKRAT RAT
·      ClearEnergy ransomware aim to destroy process automation logics in critical infrastructure, SCADA and industrial control systems.
·      United Cyber Caliphate published a kill list of 8,786 individuals in US, UK
·      Crooks took control over operations of a Brazilian bank for 5 hours
·      Be careful, Cisco Mobility Express shipped with some Cisco Aironet devices has a hard-coded password
·      Scottrade Bank admits a data breach that potentially exposed 20,000 customers records
·      Be careful, Cisco Mobility Express is shipped with some Cisco Aironet devices has a hard-coded password. Fix it!
·      Operation Cloud Hopper – APT10 goes after Managed Service Providers
·      Philadelphia Ransomware, a new threat targets the Healthcare Industry
·      Apache Struts 2 vulnerability exploited to deliver the Cerber ransomware
·      IoT Amnesia Botnet puts at risk hundreds of thousands of DVRs due to unpatched flaw
·      Vulnerability in Apple Music for Android could be exploited to steal user data
·      WikiLeaks leaked files on the Grasshopper framework, a CIA Tool for creating customized malware installers
·      Sathurbot botnet, over 20,000 bots launched a distributed WordPress password attack
·      Brickerbot botnet, the thingbot that permanently destroys IoT devices
·      RensenWare ransomware – You will decrypt files only scoring .2 Billion in TH12 Game
·      The Shadow Brokers release more alleged NSA hacking tools and exploits

Hurry up, subscribe to the newsletter, next Sunday you will receive all the news directly in your inbox.I desire to inform you that Security Affairs is now open to sponsored content.
I’ll offer the opportunity to:
•    Insert banners of various sizes in all the posts on Security Affairs.
•    Publish sponsored posts written by the customers that can include any kind of commercial reference.
•    Arrange a monthly/quarterly/annual campaign (for big customers) to advertise customers’ activities and discoveries.
For more info contact me at pierluigi.paganini@securityaffairs.co
Thanks for supporting Security Affairs.

newsletter

Once again thank you!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Newsletter)



you might also like

leave a comment