Breaking News

Security Affairs newsletter Round 170 – News of the week

newsletternewsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep WebDigging The Deep Web

Once again thank you!

·      Data Broker Exactis data breach, one of the biggest ever, exposes millions of Americans
·      Security issues in the LTE standard expose billions on mobile users to attacks
·      Zerodium offers up to $500,000 for Linux Zero-Day exploits
·      A sample of CryptoCurrency Clipboard Hijackers monitors 2.3 Million Bitcoin addresses
·      NSA began deleting all call detail records (CDRs) acquired since 2015
·      RIG Exploit Kit operators leverage PROPagate Injection Technique to deliver Miner
·      Trezor users targeted by phishing attacks, experts blame DNS Poisoning or BGP Hijacking
·      A Samsung Texting App bug is sending random photos to contacts
·      Facebook is notifying 800,000 users affected by a blocking bug
·      Iranian Charming Kitten ATP group poses as Israeli cybersecurity firm in phishing campaign
·      Microsoft revealed that 2 Zero-Days found in March were part of a cyber weapon in an early development stage
·      Rowhammer Evolves into RAMpage Exploit, Targeting Android Phones Since 2012
·      The Social network giant Facebook confirms it shared data with 61 tech firms after 2015
·      Adware already infected at least 78000 Fortnite Players
·      Huawei enterprise and broadcast products have a crypto bug. Fix it now!
·      Siemens warns of several flaws affecting Central Plant Clocks
·      The GandCrab ransomware V4 appears in the threat landscape
·      Crooks leverage obfuscated Coinhive shortlink in a large crypto-mining operation
·      New Smoke Loader campaign aims at stealing multiple credentials from many applications
·      Thunderbird Version 52.9 addresses several issues, including the EFAIL flaw
·      Why Banning Risks to Cybersecurity Doesnt Actually Improve Cybersecurity
·      Chinese hackers breached into systems at Australian National University … and are still there
·      Google July 2018 Android patches fixes critical vulnerabilities
·      Hamas cyber-operatives lure Israeli soldiers to spyware hidden in tainted apps
·      NSO Group ex-employee arrested for attempting to sell phone Hacking Tool For $50 Million
·      Critical flaws patched in ISP Advanced Digital Broadcast Broadband devices
·      New Rakhni variant could infect systems with either a ransomware or a miner

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
Tags: CybercrimeHackingNewsletterPierluigi PaganiniSecurity Affairs
7 years ago

Recent Posts

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied…

7 hours ago

Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting…

17 hours ago

A flaw could allow recovery of the phone number associated with any Google account

A vulnerability could allow recovery of the phone number associated with a Google account by…

21 hours ago

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

Hackers breached Texas DOT (TxDOT), stealing 300,000 crash reports with personal data from its Crash…

1 day ago

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch…

1 day ago

U.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws…

2 days ago