Security Affairs newsletter Round 328

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

U.S. State Department was recently hit by a cyber attack
New LockFile ransomware gang uses ProxyShell and PetitPotam exploits
US CISA releases guidance on how to prevent ransomware data breaches
Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware
Emsisoft releases free SynAck ransomware decryptor
Cloudflare mitigated the largest ever volumetric DDoS attack to date
Internet Systems Consortium (ISC) fixes High-Severity DoS flaw in BIND DNS Software
Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices
Cisco warns of Server Name Identification data exfiltration flaw in multiple products
637 flaws in industrial control system (ICS) products were published in H1 2021
Threat actors stole $97 million from Liquid cryptocurency exchange
Cisco will not patch critical flaw CVE-2021-34730 in EoF routers
Threat actors hacked US Census Bureau in 2020 by exploiting a Citrix flaw
NK-linked InkySquid APT leverages IE exploits in recent attacks
New analysis of Diavol ransomware reinforces the link to TrickBot gang
T-Mobile data breach has impacted 48.6 million customers
Adobe addresses two critical vulnerabilities in Photoshop
Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR
Kalay cloud platform flaw exposes millions of IoT devices to hack
Fortinet FortiWeb OS Command Injection allows takeover servers remotely
1.9 million+ records from the FBI’s terrorist watchlist available online
Colonial Pipeline discloses data breach after May ransomware attack
T-Mobile confirms data breach that exposed customer personal info
Recent attacks on Iran were orchestrated by the Indra group
US FINRA warns US brokerage firms and brokers of ongoing phishing attacks
Threat actor claims to be selling data of more than 100 million T-Mobile customers
A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad
Glowworm Attack allows sound recovery via a device’s power indicator LED

If you want to also receive for free the international press subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

If you want to also receive for free the international press subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 328 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source