Security Affairs newsletter Round 147

Security Affairs newsletter Round 147 – News of the week

Pierluigi Paganini January 28, 2018

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Once again thank you!

· A hospital victim of a new SamSam Ransomware campaign paid $55,000 ransom

· OnePlus admitted hackers stole credit card information belonging to up to 40,000 customers

· Researchers found misconfigured Jenkins servers leaking sensitive data

· Security Affairs newsletter Round 146 – News of the week

· CSE CybSec ZLAB Malware Analysis Report – Exclusive, tens of thousands of compromised sites involved in a new massive malvertising campaign

· Cybersecurity week Round-Up (2018, Week 3)

· Google awarded Chinese hacker record $112,500 for Android exploit chain

· Hacker infected pumps at gas-stations in Russia in a profitable fraud scheme

· Op EvilTraffic CSE CybSec ZLAB Malware Analysis Report – Exclusive, tens of thousands of compromised sites involved in a new massive malvertising campaign

· Google hacker found a critical flaw in Blizzard Games that expose millions of PCs to DNS Rebinding attacks

· Intel recommended to stop deploying the current versions of Spectre/Meltdown patches

· Linus Torvalds calls the Linux Spectre patches UTTER GARBAGE

· SaaS webservice for Seagates GoFlex Home Storage devices vulnerable to MiTM and XSS

· Three Sonic apps in the Google Play are leaking data to uncertified servers

· WordPress plugins and themes vulnerabilities statistics for 2017

· According to TrendMicro Business Email Compromise (BEC) attacks could reach $ 9 billion in 2018

· Are you a Tinder user? Watch out, someone could spy on you

· Bell Canada suffers a data breach for the second time in less than a year

· Critical code execution flaw in Electron framework impacts popular Desktop apps such as Skype and Signal

· Less than 10% of Gmail users enabled two-factor authentication

· Satoris threat actors are behind the new Masuta botnet that is targeting routers in the wild

· A look into the cyber arsenal used by Lazarus APT hackers in recent attacks against financial institutions

· libcurl has had authentication leak bug dated back to before September 1999

· Maersk chair revealed its company reinstalled 45,000 PCs and 4,000 Servers after NotPetya Attack

· New HNS botnet has already compromised more than 20,000 IoT devices

· Spritecoin ransomware masquerades as cryptocurrency wallet and also harvests victims data

· Cryptocurrencies Black Friday – Japan-based digital exchange Coincheck hacked

· Monero Crypto-Currency Mining Operation impacted 30 Million users

· Stealth CrossRAT malware targets Windows, MacOS, and Linux systems

· The Dutch intelligence service AIVD ‘hacked Russian Cozy Bear systems for years

· Cybercriminals are offering for sale infant fullz on the dark web

· Hurry up, update your Lenovo Fingerprint Manager Pro if you use Windows 7, 8 and 8.1

· Trend Micro spotted a malvertising campaign abusing Googles DoubleClick to deliver Coinhive Miner

[adrotate banner=”9″]	[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini June 27, 2025

Taking over millions of developers exploiting an Open VSX Registry flaw

Pierluigi Paganini June 27, 2025

Security Affairs newsletter Round 147 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

you might also like

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

QUICK LINKS

Security Affairs newsletter Round 147 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

you might also like

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

Subscribe to my email list and stay
up-to-date!