Security Affairs newsletter Round 243

Pierluigi Paganini December 08, 2019

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Data of 21 million Mixcloud users available for sale on the dark web
Google warned 12K+ users targeted by state-sponsored hackers
Twitter account of Huawei Mobile Brazil hacked
Clop Ransomware attempts to disable Windows Defender and Malwarebytes
Europol seized 30,506 Internet domain names for IP Infringement
Ohio Election Day cyber attack attempt traced Russian-Owned Company
StrandHogg Vulnerability exploited by tens of rogue Android Apps
TrueDialog database leaked online tens of millions of SMS text messages
A flaw in Microsoft OAuth authentication could lead Azure account takeover
Experts discovered DLL hijacking issues in Kaspersky and Trend Micro solutions
Website of gunmaker Smith & Wesson hit by a Magecart attack
Mozilla removed 4 Avast and AVG extensions for spying on Firefox users
Talos experts found a critical RCE in GoAhead Web Server
Two malicious Python libraries were stealing SSH and GPG keys
China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors
CyrusOne, one of the major US data center provider, hit by ransomware attack
Iran-Linked APT groups target energy, industrial sectors with ZeroCleare Wiper
The evolutions of APT28 attacks
CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems
OpenBSD addresses authentication bypass, privilege escalation issues
VMware addresses ESXi issue disclosed at the Tianfu Cup hacking competition
Russia-linked Gamaredon group targets Ukraine officials
Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment