Security Affairs newsletter Round 338

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Hacker accessed medical info at UMass Memorial Health
Reading INTERPOL the African Cyberthreat Assessment Report 2021
MITRE and CISA publish the 2021 list of most common hardware weaknesses
TrickBot member extradited to US faces up to 60 years in prison
ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD
Papua New Guinea ‘s finance ministry was hit by a ransomware
Police arrested 12 individuals involved in 1800 ransomware attacks worldwide
NSA and CISA explained how to prevent and detect lateral movement in 5G networks via cloud systems
Google fixes 2 new actively exploited zero-day flaws in Chrome
Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection
Over 1 million WordPress sites affected by OptinMonster plugin flaws
Wslink, a previously undescribed loader for Windows binaries
AbstractEmu, a new Android malware with rooting capabilities
German investigators identify crypto millionaire behind REvil operations
Crooks steal $130 million worth of cryptocurrency assets from Cream Finance
Avast releases free decrypters for AtomSilo and LockFile ransomware families
Grief ransomware gang hit US National Rifle Association (NRA)
Avast released a free decryptor for Babuk ransomware
The 9th edition of the ENISA Threat Landscape (ETL) report is out!
North Korea-linked Lazarus APT targets the IT supply chain
Operations at Iranian gas stations were disrupted today. Cyber attack or computer glitch?
Dark HunTOR: Police arrested 150 people in dark web drug bustⓘ
Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv
Ranzy Locker ransomware hit tens of US companies in 2021
UltimaSMS subscription fraud campaign targeted millions of Android users
Kansas Man pleads guilty to hacking the Post Rock Rural Water District
Unknown ransomware gang uses SQL injection bug in BillQuick Web Suite to deploy ransomware
A critical RCE flaw affects Discourse software, patch it now!
Red TIM Research found two rare flaws in Ericsson OSS-RC component
Russia-linked Nobelium APT targets orgs in the global IT supply chain
NYT Journalist’s iPhone infected twice with NSO Group’sPegasus spyware
Emsisoft created a free decryptor for past victims of the BlackMatter ransomware
TodayZoo phishing kit borrows the code from other kits
NATO releases its first strategy for Artificial Intelligence
Threat actors offer for sale data for 50 millions of Moscow drivers

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 338 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source