Security Affairs newsletter Round 300

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

Experts explain how to bypass recent improvement of Chinas Great Firewall
New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs
Experts discovered a new Trickbot module used for lateral movement
Experts warn of active exploitation of SonicWall zero-day in the wild
Exploiting a bug in Azure Functions to escape Docker
Google discloses a severe flaw in widely used Libgcrypt encryption library
Operation NightScout: supply chain attack on NoxPlayer Android emulator
CISA: Many victims of SolarWinds hackers had no direct connection to SolarWinds
Cyber Defense Magazine – February 2021 has arrived. Enjoy it!
Kobalos, a complex Linux malware targets high-performance computing clusters
Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs
Alleged China-linked hackers used SolarWinds bug to breach National Finance Center
Hackers stole personnel records of software developer Wind River
Recently discovered CVE-2021-3156 SUDO bug also affects macOS Big Sur
TIMs Red Team Research (RTR) discovered 2 new zero-day vulnerabilities in WordPress Plugin Limit Login Attempts Reloaded
Cisco fixes critical remote code execution issues in SMB VPN routers
Google addresses Chrome zero-day flaw actively exploited in the wild
Hackers accessed Stormshield data, including source code of ANSSI certified products
Matryosh DDoS botnet targets Android-Based devices via ADB
SonicWall released patch for actively exploited SMA 100 zero-day
Fortinet addresses 4 vulnerabilities in FortiWeb web application firewalls
Forward Air Corporation says that December Ransomware attack caused a loss of $7.5M
Hackers abuse Plex Media servers for DDoS amplification attacks
TeamTNT group uses Hildegard Malware to target Kubernetes Systems
Experts found critical flaws in Realtek Wi-Fi Module
Packaging giant WestRock is still working to resume after recent Ransomware Attack
Watch out! ‘The Great Suspender Chrome extension contains Malware

If you want to also receive for free the international press subscribe here.

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 300 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source