Security Affairs newsletter Round 139 – News of the week

Pierluigi Paganini December 03, 2017

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Once again thank you!

·      A new Mirai variant is rapidly spreading, around 100,000 IPs running the scans in the past 60 hours
·      Security Affairs newsletter Round 138 – News of the week
·      The Cobalt group is exploiting the CVE-2017-11882 Microsoft Office flaw in targeted attacks
·      A Verge specific node wallets hacked, crooks stole $655,000 from CoinPouch XVG Verge wallets
·      Researcher found a vulnerability in Facebook polls that allowed removal of any photo
·      The energy used to mine Bitcoin this year is bigger than the annual usage of almost 160 countries
·      Unix mailer Exim is affected by RCE, DoS vulnerabilities. Apply the workaround asap
·      Bulletproof 360 website was hacked. Personal and financial data exposed
·      Google detects Android Tizi Spyware that spies on popular apps like WhatsApp and Telegram
·      Hackers can easily target container ships by hacking load plans due to its vulnerable messaging system
·      Op In Our Sites – Europol and other agencies seize over 20,500 domains for selling counterfeit products
·      Top Secret US Army and NSA documents left exposed on Amazon S3 bucket
·      US indicts Chinese hackers belonging to APT3 for espionage on Siemens and Moodys
·      A bug in macOS High Sierra allows Root access with no password
·      Bitcoin Gold (BTG) dev team warns its users about a security breach
·      Kazakhstan-born Canadian citizen pleads guilty to 2014 Yahoo hack, he admits helping Russian Intelligence
·      Recently Patched Dnsmasq still affect Siemens Industrial devices
·      24 hours later, Apple fixes the bug in macOS High Sierra that allowed Root access with no password
·      New variants of the UBoatRAT RAT hits targets in East Asia
·      The Shipping Giant Clarkson has suffered a security breach
·      US Judge Orders Coinbase to hand over details of 14,355 US citizens to the IRS
·      Cryptocurrency Miners hidden in websites now run even after users close the browser
·      Google Chrome will block code injection from third-party software within 14 months
·      Reading the NTT 2017 Global Threat Intelligence Center (GTIC) Quarterly Threat Intelligence Report
·      Researchers discover a vulnerability in the DIRTY COW original patch
·      Russian cybercriminal Roman Seleznev gets another prison sentence
·      Anonymous launch Brazilian Corrupt Public Sector Entities Data Leak
·      At least six thousand Lantronix Serial-To-Ethernet devices are leaking Telnet passwords
·      Europol and law enforcement agencies dismantled a criminal ring specialized in ATM attacks and payment Card Fraud
·      Kaspersky case – Now we know who is the NSA hacker who kept Agencys cyber weapons at home

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment