Security Affairs newsletter Round 309

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Clop Ransomware operators plunder US universities
Malware attack on Applus blocked vehicle inspections in some US states
2,5M+ users can check whether their data were exposed in Facebook data leak
33.4% of ICS computers hit by a cyber attack in H2 2020
Firmware attacks, a grey area in cybersecurity of organizations
Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks
Experts discovered a privilege escalation issue in popular Umbraco CMS
Experts found critical flaws in Rockwell FactoryTalk AssetCentre
SAP systems are targeted within 72 hours after updates are released
This service allows checking if your mobile is included in the Facebook leak
Crooks use Telegram bots and Google Forms to automate phishing
European Commission and other institutions were hit by a major cyber-attack
Gigaset Android smartphones infected with malware after supply chain attack
New Cring ransomware deployed targeting unpatched Fortinet VPN devices
Pwn2Own 2021 Day 1 – participants earned more than $500k
Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE
Man arrested after hired a hitman on the dark web
Moodle flaw exposed users to account takeover
Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof
Swarmshop – What goes around comes around: hackers leak other hackers data online
User database was also hacked in the recent hack of PHP ‘s Git Server
330K stolen payment cards and 895K stolen gift cards sold on dark web
CISA releases post-compromise tool Aviary to review Microsoft 365
Cisco will not release updates to fix critical RCE flaw in EoF Business Routers
Pwn2Own 2021: participants earned $1,2M of the $1.5M prize pool
Zerodium will pay $300K for WordPress RCE exploits
Crooks abuse website contact forms to deliver IcedID malware
Hackers compromised APKPure client to distribute infected Apps
This man was planning to kill 70% of Internet in a bomb attack against AWS

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 309 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source