Security Affairs newsletter Round 138 – News of the week

Pierluigi Paganini November 26, 2017

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Once again thank you!

·      A second variant of the new Cryptomix Ransomware released in a few days
·      Cash Converters suffered a data breach, users of the old webshop are at risk
·      De-authentication attack on Amazon Key could let crooks to disable your camera
·      Security Affairs newsletter Round 137 – News of the week
·      A bug in the Android MediaProjection service lets hackers to record audio and screen activity on 77% of all devices
·      According to UIDAI, more than 200 government websites made Aadhaar users details public
·      Experts observed a new wave of wp-vcd malware attacks targeting WordPress sites
·      Global Cyber Alliance launched the Quad9 DNS service to secure your online experience
·      The controversial certificate authority StartCom will go out of business on January 1, 2018
·      2017 OWASP Top 10 Final Release is out, whats new?
·      A massive cyber attack hit the Algerian state telecom operator Algerie Telecom
·      BankBot Trojan bypasses again security checks implemented by Google for the Play Store
·      Using Unsecured IoT Devices, DDoS Attacks Doubled in the First Half of 2017
·      Windows 8 and newer versions fail to properly implement ASLR
·      Experts found a way to exploit HP Enterprise printers to hack into company networks
·      Lazarus APT uses an Android app to target Samsun users in the South Korea
·      Lazarus APT uses an Android app to target Samsung users in the South Korea
·      ProtonMail Contacts – ProtonMail launches worlds first encrypted contacts manager
·      U.S. charges Iranian state-sponsored hacker over ‘Game of Thrones HBO hack
·      Unbelievable: Uber concealed data breach that exposed 57 Million records in 2016
·      Artificial Intelligence is Important for Cybersecurity, But Its Not Enough
·      Crooks set up a fake Symantec Blog to spread the macOS Proton malware
·      Google gathers Android users location data even when location services are disabled
·      Many vendors will release fixes for flaws in the Intel Management Engine
·      You need to patch your Samba installation as soon as possible
·      Advanced cyber attack hits Saudi Arabia to disrupt government computers
·      Double check if your Bitcoin/Ethereum wallet is exposed online, crooks are running massive Internet scans
·      Firefox will notify users who visit sites that suffered a data breach
·      Self-Replicating Malware exploits MS Office Built-In feature
·      A new version of the Scarab ransomware is now being distributed via the Necurs botnet
·      GOLDEN SAML attack technique forges authentication to cloud apps
·      Imgur was hacked in 2014, 1.7 million user accounts were compromised
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment