Security Affairs newsletter Round 180 – News of the week

Pierluigi Paganini September 16, 2018

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      Domestic Kitten – An Iranian surveillance operation under the radar since 2016
·      The main source of infection on ICS systems was the internet in H1 2018
·      A growing number of iOS apps collect and sell location data
·      Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks
·      Fallout exploit kit appeared in the threat landscape in malvertising campaigns
·      GAO Report shed the lights on the failures behind the Equifax hack
·      Mirai and Gafgyt target Apache Struts and SonicWall to hit enterprises
·      Adobe Patch Tuesday for September 2018 fixes 10 flaws in Flash Player and ColdFusion
·      MageCart crime gang is behind the British Airways data breach
·      Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns
·      Trend Micro Apps removed from Mac App Store after being caught exfiltrating user data
·      Zerodium disclose exploit for NoScript bug in version 7 of Tor Browser
·      Cyber Defense Magazine – September 2018 has arrived. Enjoy it!
·      Microsoft Patch Tuesday updates for September 2018 also address recently disclosed Windows zero-day
·      Researchers show how to clone Tesla S Key Fobs in a few seconds
·      September 2018 Security Notes address a total of 14 flaws in SAP products
·      Cobalt crime gang is using again CobInt malware in attacks on former soviet states
·      Flaws in firmware expose almost any modern PC to Cold Boot Attacks
·      ICS CERT warns of several flaws Fuji Electric Fuji Electric V-Server
·      ICS CERT warns of several flaws in Fuji Electric V-Server
·      New PyLocky Ransomware stands out for anti-machine learning capability
·      Iran-Linked OilRig APT group targets high-ranking office in a Middle Eastern nation
·      Kelihos botmaster pleads guilty in U.S. District Court in Connecticut
·      Operator at kayo.moe found a 42M Record Credential Stuffing Data ready to use
·      China-linked APT10 group behind new attacks on the Japanese media sector
·      Dutch expelled two Russian spies over hack plan on Swiss lab working on Skripal case
·      Experts disclose a Webroot SecureAnywhere macOS Kernel Level bug found months ago
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment