Security Affairs newsletter Round 245

Pierluigi Paganini December 22, 2019

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

From iPhone to NT AUTHORITYSYSTEM – exploit ‘Printconfig dll with a real-world example
Iran announced to have foiled a second cyber-attack in a week
Largest hospital system in New Jersey was hit by ransomware attack
A thief stole hard drives containing Facebook payroll data from a car
Experts found binary planting and arbitrary file overwrite flaws in NPM
Ryuk Ransomware is suspected to be involved in the New Orleans cyberattack
Schneider Electric fixes DoS flaws in Modicon, EcoStruxure products
A study reveals the list of worst passwords of 2019
A WhatsApp bug could have allowed crashing of all group members
Dacls RAT, the first Lazarus malware that targets Linux devices
Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs
TP-Link Archer routers allow remote takeover without passwords
Emotet distributed with emails posing as German authorities, BSI warns
Flaws in Acer and ASUS pre-installed software could lead to arbitrary code execution
Gangnam Industrial Style APT campaign targets industrial firms worldwide
Lab test provider LifeLabs disclose a data breach that exposed personal info of 15M customers
Trend Micro observed notable malware activity associated with the Momentum Botnet
Drupal addressed several issues, including a critical file processing bug
FBI warns travelers against using untrusted and free WiFi networks
Maze Ransomware operators threaten victims to publish their data online
Member of the Dark Overlord hacker Group extradited to the US
Microsoft issues an out-of-band update to address SharePoint information disclosure flaw
More than 267 millions of Facebook user phone numbers exposed online
Apple opens its bug bounty program to all white hat hackers
Negative opinion of Italy security committee Copasir on Huawei, ZTE 5G solutions
Payment card breach potentially impacts all locations of Wawa convenience store
Unveiling JsOutProx: A New Enterprise Grade Implant
Greece to extradite Alexander Vinnik to France to face a charge of money laundering
Watch out, hackers are targeting CVE-2018-0296 Cisco fixed in 2018
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment