Breaking News

Security Affairs newsletter Round 177 – News of the week

newsletternewsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep WebDigging The Deep Web

Once again thank you!

·      Chinas Belt and Road project (BRI) is a driver of regional cyber threat activity
·      North Korea-linked Dark Hotel APT leverages CVE-2018-8373 exploit
·      Flaw in SOLEO IP Relay Service potentially exposed over 30 million Canadian records
·      Malware researcher reverse engineered a threat that went undetected for at least 2 years
·      Twitch bug may have exposed some users messages to others
·      Unusual Malspam campaign targets banks with Microsoft Publisher files
·      Anonymous collective brought down Spain sites to support Catalonia
·      Microsoft says Russian hackers continue targeting 2018 midterm elections
·      Security firm released Singularity, an open source DNS Rebinding attack tool
·      A critical remote code execution flaws in Ghostscript could allow to completely take over affected system
·      Adobe security updates address 2 critical code execution flaws in Photoshop
·      Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer
·      Dark Tequila Banking malware targets Latin America since 2013
·      Expert discovered a Critical Remote Code Execution flaw in Apache Struts (CVE-2018-11776)
·      Bitdefender spotted Triout, a new powerful Android Spyware Framework
·      Latest Turla backdoor leverages email PDF attachments as C&C mechanism
·      North Korea-linked Ryuk Ransomware used in a targeted campaign
·      Operation Red Signature – South Korean Firms victims of a supply chain attack
·      A new Cross-Platform Mirai Variant appeared in the wild
·      Expert found a flaw that affects all OpenSSH versions since 1999
·      North Korea-linked Lazarus APT uses first Mac malware in cryptocurrency exchange attack
·      T-Mobile data breach exposed personal information of up to 2 million customers
·      AdvisorsBot, a previously undocumented downloader involved in malicious email campaigns
·      Australia banned Huawei from 5G network due to security concerns
·      The restaurant chain Cheddars Scratch Kitchen has suffered a payment card breach
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
7 years ago

Recent Posts

U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known…

1 hour ago

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and…

3 hours ago

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied…

13 hours ago

Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting…

23 hours ago

A flaw could allow recovery of the phone number associated with any Google account

A vulnerability could allow recovery of the phone number associated with a Google account by…

1 day ago

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

Hackers breached Texas DOT (TxDOT), stealing 300,000 crash reports with personal data from its Crash…

2 days ago