Security Affairs newsletter Round 202 – News of the week

Pierluigi Paganini February 24, 2019

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

Facebook login phishing campaign can deceive tech-savvy users
Facebook paid $25,000 for CSRF exploit that leads to Account Takeover
Windows App runs on Mac to download MacOS malware
ATT&CKized Splunk – Threat Hunting with MITRE’s ATT&CK using Splunk
Free Tool: Honey Feed
New Trickbot module implements Remote App Credential-Grabbing features
PoC Exploit Code for recent container escape flaw in runc published online
Toyota PASTA Car-Hacking Tool will be soon on GitHub
Expert found privilege escalation issue in LG Device Manager
Gnosticplayers round 3 – 92 Million fresh accounts from 8 unreported security breaches available for sale
Group-IB: More than 70% of Russian banks are not ready for cyberattacks
Offensive Security announced the release of Kali Linux 2019.1
The Long Run of Shade Ransomware
The Muncy malware is on the rise
These Are the Countries With the Best and Worst Cybersecurity
Expert released a PoC for a remote code execution flaw in mIRC App
Experts found a Remote Code Execution flaw in WordPress 5.0.0
Exposed MongoDB revealed facial recognition abuse for tracking the Uyghur Muslim minority in China.
Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe
North Koreas Lazarus APT targets Russian Entities
Security breach at North Country PoS firm hits hundreds of US restaurants and Hotels
Adobe released second fix for the same Adobe Reader flaw
Critical bug in WINRAR affects all versions released in the last 19 years
CVE-2019-6340 Critical flaw in Drupal allows Remote Code Execution
Security experts released new GandCrab Decryptor for free
The interface of WinPot ATM Malware looks like a slot machine
Cisco addresses flaws in HyperFlex and Prime Infrastructure
Expert found a DoS flaw in Windows Servers running IIS
Google forgot to tell customers that Nest Hub has a microphone
WhatsApp fixes Face ID and Touch ID authentication bypass
Campaigns through LinkedIn s DM deliver More_eggs backdoor via fake job offers
Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems
Crooks offer millions to skilled black hats to help them in extortion campaigns
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″] [adrotate banner=”13″]


you might also like

leave a comment