Security Affairs newsletter Round 254

Pierluigi Paganini March 08, 2020

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

49 million unique email addresses of Straffic Marketing firm exposed online
Russian spies are attempting to tap transatlantic undersea cables
$1B to help telecom carriers to rip and replace Huawei and ZTE equipment
Karkoff 2020: a new APT34 espionage operation involves Lebanon Government
Nemty ransomware LOVE_YOU malspam campaign
SurfingAttack – hacking phones via ultrasonic waves
Venezuela – Power outage knocked out part of the internet connectivity
A bug in the Walgreens mobile app leaked customers messages
Cisco offers free 90-day Webex Licenses due to coronavirus outbreak
Experts warn of mass scans for Apache Tomcat Ghostcat flaw
Nemty ransomware operators launch their data leak site
The North Korean Kimsuky APT threatens South Korea evolving its TTPs
US officials charge two Chinese men for laundering cryptocurrency for North Korea
CIA Hacking unit APT-C-39 hit China since 2008
Google addresses over 70 flaws in Android, including a remotely exploitable issue
Iranian government blocked Wikipedia Farsi due Coronavirus outbreak
Lets Encrypt CA is revoking over 3 Million TLS certificates due to a bug
Visser Precision, a part maker for Tesla, Boeing, and Lockheed Martin hit with data-stealing ransomware
Cisco addresses high severity RCE flaws in Webex Player
Hackers gained access to T-Mobile customers and employee personal info
Hundreds of Microsoft sub-domains open to hijacking
Malware campaign employs fake security certificate updates
Most of the attacks on Telecom Sector in 2019 were carried out by China-linked hackers
Expert publicly discloses Zoho ManageEngine zero-day on Twitter
Most of Linux distros affected by a critical RCE in PPP Daemon flaw
TrickBot targets Italy using fake WHO Coronavirus emails as bait
Virgin Media disclose data breach, over 900,000 Customers impacted
CVE-2019-0090 flaw affects Intel Chips released in the last 5 years
EVRAZ operations in North America disrupted by Ryuk ransomware
Travel leisure company Carnival Corporation discloses data breach
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment