Security Affairs newsletter Round 216 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Kindle Edition

If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

https://www.surveymonkey.com/r/EUBloggerAwards2018

Police seized Bestmixer, the mixing service washed at least $200 million in a year

Remarks on NATO and its approach to the cyber offensive

Sectigo says that most of certificates reported by Chronicle analysis were already revoked

BlueKeep scans observed from exclusively Tor exit nodes

Crooks leverages .htaccess injector on Joomla and WordPress sites for malicious redirects

First American Financial exposed 16 years worth of personal and financial documents

Hacker breached Perceptics, a US maker of license plate readers

APT10 is back with two new loaders and new versions of known payloads

DuckDuckGo Address Bar Spoofing

Internet scans found nearly one million systems vulnerable to BlueKeep

Shade Ransomware is very active outside of Russia and targets more English-speaking victims

Siemens Healthineers medical products vulnerable to Windows BlueKeep flaw

All Docker versions affected by an unpatched race condition issue

Google white hat hacker found code execution flaw in Notepad

HawkEye Keylogger is involved in attacks against business users

News aggregator Flipboard disclosed a data breach

TA505 is expanding its operations

Using Public Wi-Fi? Your data can be hacked easily! Heres How…

Checkers double drive-thru restaurants chain discloses card breach

Convert Plus WordPress plugin flaw allows hackers to create Admin accounts

Emissary Panda APT group hit Government Organizations in the Middle East

Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

0patch released micropatch for BearLPE Zero-Day flaw in Windows 10 Task Scheduler

HiddenWasp, a sophisticated Linux malware borroes from Mirai and Azazel

Microsoft warns for the second time of applying BlueKeep patch

Security expert shows how to bypass macOS Gatekeeper

The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

Apple updates address SQLite, WebKit issues in iTunes and iCloud for Windows

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

GandCrab operators are shutting down their operations

Russian military plans to replace Windows with Astra Linux

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Next ProtonMail denies that it spies on users for government agencies »

Previous « ESET analyzes Turla APT's usage of weaponized PowerShell

Published by

Pierluigi Paganini

Tags: Hackinginformation security newsmalwareNewsletterPierluigi PaganiniSecurity AffairsSecurity News

5 years ago

Recent Posts

Security

MITRE revealed that nation-state actors breached its systems via Ivanti zero-days

The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…

19 hours ago

Security

FBI chief says China is preparing to attack US critical infrastructure

China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…

1 day ago

Cyber Crime

United Nations Development Programme (UNDP) investigates data breach

The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…

1 day ago

Cyber Crime

FIN7 targeted a large U.S. carmaker with phishing attacks

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…

2 days ago

Hacking

Law enforcement operation dismantled phishing-as-a-service platform LabHost

An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…

2 days ago

Hacking

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…

2 days ago

This website uses cookies.