Security Affairs newsletter Round 348
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| Unauthenticated RCE in H2 Database Console is similar to Log4Shell |
| FluBot malware continues to evolve. What’s new in Version 5.0 and beyond? |
| Alfer Microsoft, also SonicWall confirmed that its products were affected by Y2K22 bug |
| FIN7 group continues to target US companies with BadUSB devices |
| How to secure QNAP NAS devices? The vendor’s instructions |
| Threat actor targets VMware Horizon servers using Log4Shell exploits, UK NHS warns |
| Norton Crypto, the controversial cryptomining feature of Norton 360 |
| Over 3.7 million accounts were compromised in the FlexBooker data breach |
| Night Sky, a new ransomware operation in the threat landscape |
| North Korea-linked Konni APT targets Russian diplomatic bodies |
| Threat actors stole 1.1 million customer accounts from 17 well-known companies |
| Google Docs comment feature abused in phishing campaign |
| France hits Google, Facebook with fines over ‘Cookies’ management |
| NoReboot persistence technique fakes iPhone shutdown |
| VMware fixed CVE-2021-22045 heap-overflow in Workstation, Fusion and ESXi |
| FTC warns legal action against businesses who fail to mitigate Log4J attacks |
| Threat actors continue to exploit Log4j flaws in their attacks, Microsoft Warns |
| Researchers used electromagnetic signals to classify malware infecting IoT devices |
| UScellular discloses the second data breach in a year |
| Attackers abused cloud video platform to inject an e-skimmer into 100 Real Estate sites Purple Fox backdoor spreads through fake Telegram App installer |
| Hospitality Chain McMenamins discloses data breach after ransomware attack |
| Broward Health suffered a data breach that impacted +1.3 million people |
| ‘doorLock’ – A persistent denial of service flaw affecting iOS 15.2 – iOS 14.7 |
| Israeli Media Outlets hacked on the anniversary of Soleimani killing |
| SEGA Europe left AWS S3 bucket unsecured exposing data and infrastructure to attack |
| The worst cyber attacks of 2021 |
| Microsoft rolled out emergency fix for Y2k22 bug in Exchange servers |
| Exclusive: NASA Director Twitter account hacked by Powerful Greek Army |
| Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate North Korea-linked threat actors stole $1.7 billion from cryptocurrency exchanges |
| Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021 |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 348 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
