Security Affairs newsletter Round 250

Pierluigi Paganini February 09, 2020

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Microsoft announces the launch of a bug bounty program for Xbox
Microsoft warns TA505 changed tactic in an ongoing malware campaign
Russias watchdog Roskomnadzor threatens to fine Twitter and Facebook
The Russian Government blocked ProtonMail and ProtonVPN
Apollon Darknet market is allegedly pulling an exit scam
Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks
Police are warning crooks are using cleaners to compromise businesses
Ransomware brought down services of popular TV search engine TVEyes
Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root
Facebook fixed a WhatsApp bug that allowed hackers to access local file system
Hackers abused Twitter API to match usernames to phone numbers
NCA arrested six men in UK over Malta Bank Cyber-Heist
The city of Racine was offline following a ransomware attack
Toll Group shuts down some online systems after ransomware attack
Using 99 mobile phones to create a fake traffic jam in Google Maps
Dropbox paid more than $1 Million via its bug bounty program
Expert released PoC exploit code for unpatched backdoor in HiSilicon chips
Google mistakenly shared private videos of some users with others in 2019
Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware
Microsoft detects 77,000 active web shells on a daily basis
cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)
Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs
Critical Android Bluetooth flaw CVE-2020-0022 could be exploited without user interaction
Iran-linked APT group Charming Kitten targets journalists, political and human rights activists
Japanese defense contractors Pasco and Kobe Steel disclose security breaches
Facebooks official Twitter and Instagram accounts hacked by OurMine
Group-IB detects Half a Million Indian Banks Cards on Jokers Stash Cardshop
IoT devices at major Manufacturers infected with crypto-miner
RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment