Breaking News

Security Affairs newsletter Round 166 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Once again thank you!

Crooks included the code for CVE-2018-8174 IE Zero-Day in the RIG Exploit Kit
Impervas research shows 75% of open Redis servers are infected
Microsoft reportedly acquires the GitHub popular code repository hosting service
North Korea-Linked Covellite APT group stopped targeting organizations in the U.S.
NYT: Facebook APIs gave device makers deep access to user data. FB disagrees
Thousands of organizations leak sensitive data via misconfigured Google Groups
Updated: Microsoft reportedly acquires the GitHub popular code repository hosting service
‘Zip Slip arbitrary file overwrite vulnerability affects thousands of projects
Iron cybercrime group uses a new Backdoor based on HackingTeams RCS surveillance sw
MyHeritage data breach – 92.3 million user credential exposed
Over 115,000 Drupal Sites still vulnerable to Drupalgeddon2, a gift to crooks
The author of the Sigrun Ransomware decrypts Russian victims files for free
Are Wi-Fi hotspots in World Cup Russia host cities secure?
How Threat Hunters Operate in Modern Security Environments
HR Software company PageUp victim of a Data Breach, experts fear a domino effect
It’s not a joke, Owari botnet operators used root as username and password to access a C&C
Adobe fixed the CVE-2018-5002 Flash Zero-Day exploited in targeted attacks in the Middle East
Prowli Operation – Crooks already compromised over 40,000 servers and IoT Devices
Russia-linked Sofacy APT group adopts new tactics and tools in last campaign
VPNFilter malware now targets new devices, even behind a firewall
Cisco patches a critical vulnerability in Prime Collaboration Provisioning solution
DMOSK Malware Targeting Italian Companies
Facebook confirms privacy settings glitch in a new feature exposed private posts of 14 Million users
Multiple models of IP-based cameras from Chinese firm Foscam could be easily hacked. Update the firmware now!
Chinese state-sponsored hackers steal 600GB U.S. Navy data
Cisco removed hardcoded credentials in WAAS software. Undocumented accounts are a frequent issue
Trend Micro spotted a new variant of KillDisk wiper in Latin America

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

13 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

20 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.