Security Affairs newsletter Round 341

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours
Study reveals top 200 most common passwords
The newer cybercrime triad: TrickBot-Emotet-Conti
Tor Project calls to bring more than 200 obfs4 bridges online by December
Canadian teenager stole $36 Million in cryptocurrency via SIM Swapping
California Pizza Kitchen discloses a data breach
North Korea-linked TA406 cyberespionage group activity in 2021
Conti ransomware operations made at least $25.5 million since July 2021
Android banking Trojan BrazKing is back with significant evasion improvements
Microsoft addresses a high-severity vulnerability in Azure AD
Attackers deploy Linux backdoor on e-stores compromised with software skimmer
Zero-Day flaw in FatPipe products actively exploited, FBI warns
Phishing campaign targets Tiktok influencer accounts
US, UK and Australia warn of Iran-linked APTs exploiting Fortinet, Microsoft Exchange flaws
Netgear fixes code execution flaw in many SOHO devices
CISA releases incident response plans for federal agencies
The rise of millionaire zero-day exploit markets
Iran-linked APT groups continue to evolve
Mandiant links Ghostwriter operations to Belarus
GitHub addressed two major vulnerabilities in the NPM package manager
Adult cam site StripChat exposes the data of millions of users and cam models
Intel addresses 2 high-severity issues in BIOS firmware of several processors
SharkBot, a new Android Trojan targets banks in Europe
Operation Reacharound – Emotet malware is back
Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date
North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro
Microsoft rolled out emergency updates to fix Windows Server auth failures
Happy 10th Birthday, Security Affairs
QAKBOT Trojan returns using Squirrelwaffle as a dropper
Two Sony PS5 exploits disclosed the same day
ENISA – The need for Incident Response Capabilities in the health sector
Updated: Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server
FTC shares guidance for small businesses to prevent ransomware attacks
Threat Report Portugal: Q3 2021

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 341 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source