Security Affairs newsletter Round 287

Click the icon to Follow me:- twitterTelegramRedditDiscord

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

HPE addresses critical auth bypass issue in SSMC console
Is the Abaddon RAT the first malware using Discord as C&C?
New Emotet attacks use a new template urging recipients to upgrade Microsoft Word
COVID-19 vaccine manufacturer suffers a data breach
Finnish psychotherapy center Vastaamo suffered a shocking security breach
KashmirBlack, a new botnet in the threat landscape that rapidly grows
Nitro PDF data breach might impact major companies, including Microsoft, Google, and Apple
Enel Group suffered the second ransomware attack this year
Fragomen law firm data breach exposed Google employees data
Google removes a set of 21 malicious apps from the Play Store
Hacker was identified after the theft of $24 million from Harvest Finance
Over 100 irrigation systems left exposed online without protection
Steelcase office furniture giant hit by Ryuk ransomware attack
TrickBot operators employ Linux variants in attacks after recent takedown
Trump campaign website defaced by scammers
Critical Oracle WebLogic flaw CVE-2020-14882 actively exploited in the wild
FBI, CISA alert warns of imminent ransomware attacks on healthcare sector
Iran-linked Phosphorous APT hacked emails of security conference attendees
Russia-linked Turla APT hacked European government organization
US Cyber Command details implants used in attacks on parliaments and embassies
5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy
Brooklyn & Vermont US hospitals hit by ransomware attacks
DoppelPaymer ransomware gang leaked Hall County, Georgia, voter info
Google discloses unpatched Windows zero-day exploited in the wild
Operation Earth Kitsune: hackers target the Korean diaspora
Threat actors are actively exploiting Zerologon flaw, Microsoft warns
Companies paid $4.2M bug bounties for XSS flaws in 2020
Emotet operators are running Halloween-themed campaigns


Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 287 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

MANY THANKS GO TO THE

Original Source