Security Affairs newsletter Round 339

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Casinos of tribal communities are losing millions in Ransomware attacks
Threat actors stole $55 million worth of cryptocurrency from bZx DeFi platform
Philips Tasy EMR healthcare infomatics solution vulnerable to SQL injection
White hat hackers earn over $1 Million at Pwn2Own Austin 2021
A drone was modified to disrupt U.S. Power Grid, says intelligence bulletin
US defense contractor Electronic Warfare Associates discloses data breach
Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group
Threat actor exploits MS ProxyShell flaws to deploy Babuk ransomware
npm libraries coa and rc. have been hijacked to deliver password-stealing malware
US Gov offers a reward of up to $10M for info on DarkSide leading members
CISA recommends vendors to fix BrakTooth issues after the release of PoC tool
Cisco warns of hard-coded credentials and default SSH key issues in some products
Expert found a critical remote code execution bug in Linux Kernel
Hacker allegedly involved in 2020 Twitter hack charged with theft of $784K in crypto
CISA shares a catalog of 306 actively exploited vulnerabilities
CERT-FR warns of Lockean ransomware attacks against French companies
The U.K. Labour Party discloses a data breach
Cyber Defense Magazine – November 2021 has arrived. Enjoy it!
NSO Group, Positive Technologies and other firms sanctioned by the US government
Cybercrime underground flooded with offers for initial access to shipping and logistics orgs
BlackMatter ransomware gang is shutting down due to pressure from law enforcement
Google fixes actively exploited Zero-Day Kernel flaw in Android
Facebook is going to shut down Face Recognition system and data it collected
Ransomware gangs target companies involved in time-sensitive financial events, FBI warns
Google triples bounty for new Linux Kernel exploitation techniques
50% of internet-facing GitLab installations are still affected by a RCE flaw
Trojan Source attack method allows hiding flaws in source code
The Toronto Transit Commission (TTC) hit by a ransomware attack
HelloKitty ransomware gang also targets victims with DDoS attacks
Squid Game Cryptocurrency exit scam! Operators made $2.1 Million
How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash
Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen
Balikbayan Foxes group spoofs Philippine gov to spread RATs
Microsoft warns of an increase in password spraying attacks
Iranian Black Shadow hacking group breached Israeli Internet hosting firm
Minecraft Japanese gamers hit by Chaos ransomware using alt lists as lure
Graff multinational jeweller hit by Conti gang. Data of its rich clients are at risk, including Trump and Beckham

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 339 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source