Security Affairs newsletter Round 377
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports |
| Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes |
| Twitter confirms zero-day used to access data of 5.4 million accounts |
| The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases |
| DHS warns of critical flaws in Emergency Alert System encoder/decoder devices |
| CISA adds Zimbra email bug to Known Exploited Vulnerabilities Catalog |
| Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor |
| New Linux botnet RapperBot brute-forces SSH servers |
| New Woody RAT used in attacks aimed at Russian entities Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction |
| Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit |
| Hackers stole $200 million from the Nomad crypto bridge |
| Cisco addressed critical flaws in Small Business VPN routers |
| Power semiconductor component manufacturer Semikron suffered a ransomware attack |
| Manjusaka, a new attack tool similar to Sliver and Cobalt Strike |
| Google fixed Critical Remote Code Execution flaw in Android |
| Busting the Myths of Hardware Based Security |
| VMware fixed critical authentication bypass vulnerability |
| LockBit 3.0 affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics |
| Austria investigates DSIRF firm for allegedly developing Subzero spyware |
| ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A. |
| Australian man charged with creating and selling the Imminent Monitor spyware |
| A flaw in Dahua IP Cameras allows full take over of the devices |
| US Federal Communications Commission (FCC) warns of the rise of smishing attacks |
| Threat actor claims to have hacked European manufacturer of missiles MBDA |
| 17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malware |
| Security Affairs newsletter Round 376 by Pierluigi Paganini |
| North Korea-linked SharpTongue spies on email accounts with a malicious browser extension |
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 377 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
