Security Affairs newsletter Round 329

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

EskyFun data leak, over 1 million Android gamers impacted
Boffins show PIN bypass attack Mastercard and Maestro contactless payments
Phorpiex botnet shuts down and authors put source code for sale
Atlassian released security patches to fix a critical flaw in Confluence
An RCE in Annke video surveillance product allows hacking the device
ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers
The FBI issued a flash alert for Hive ransomware operations
Victims of Ragnarok ransomware can decrypt their files for free
B. Braun Infusomat pumps could be hacked to alter medication doses
CISA publishes malware analysis reports on samples targeting Pulse Secure devices
Cisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switches
Kaseya fixed two of the three Kaseya Unitrends zero-days found in July
Personal Data and docs of Swiss town Rolle available on the dark web
VMware addressed 4 High-Severity flaws in vRealize Operations
F5 addressed a flaw in BIG-IP devices rated as critical severity under specific conditions
FIN8 group used a previously undetected Sardonic backdoor in a recent attack
ShinyHunters group claims to have data of 70M AT&T customers
Modified version of Android WhatsApp installs Triada Trojan
Samsung could use a TV Block feature to disable any of its TVs worldwide
CVE-2021-3711 in OpenSSL can allow to change an application’s behavior
New zero-click exploit used to target Bahraini activists’ iPhones with NSO spyware
FBI flash alert warns on OnePercent Group Ransomware attacks
Realtek SDK flaws exploited to deliver Mirai bot variant
CISA recommends immediately patch Exchange ProxyShell flaws
T-Mobile data breach could be worse than initially thought, 54 million customers impacted
 
Are you using a Sophos UTM appliance? Be sure it is up to date!
LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs
Memorial Health System forced to cancel surgeries after ransomware attack
Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

If you want to also receive for free the international press subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 329 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source