Security Affairs newsletter Round 307

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

CISA releases CHIRP, a tool to detect SolarWinds malicious activity
Microsoft Defender can now protect servers against ProxyLogon attacks
Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft
Abusing distance learning software to hack into student PCs
Adobe addresses a critical vulnerability in ColdFusion product
Ministry of Defence academy hit by state-sponsored hackers
RCE flaw in Apache OFBiz could allow to take over the ERP system
Which is the Threat landscape for the ICS sector in 2020?
CISA is warning of vulnerabilities in GE Power Management Devices
Energy giant Shell discloses data breach caused by Accellion FTA hack
Google fixes an Android vulnerability actively exploited in the wild
Sierra Wireless halted production at its manufacturing sites due to ransomware attack
92% of worldwide Microsoft Exchange IPs are now patched or mitigated
A day before elections, hackers leaked details of millions of Israeli voters
Billions of FBS Records Exposed in Online Trading Broker Data Leak
Black Kingdom ransomware is targeting Microsoft Exchange servers
Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue
30 million Americans affected by the Astoria Company data breach
62,000 Microsoft Exchange Servers potentially left unpatched, weeks after software bugs were first uncovered
Facebook took action against China-linked APT targeting Uyghur activists
OpenSSL Project released 1.1.1k version to fix two High-severity flaws
The surge of fake COVID-19 test results, vaccines and vaccination certificates on the Dark Web
FBI published a flash alert on Mamba Ransomware attacks
German Parliament Bundestag targeted again by Russia-linked hackers
Hades ransomware gang targets big organizations in the US
Solarwinds Orion Platform updates fix two remote code execution issues
Apple released out-of-band updates for a new Zero‑Day actively exploited
Clop Ransomware gang now contacts victims customers to force victims into pay a ransom
Experts spotted a new advanced Android spyware posing as System Update

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 307 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source