Security Affairs newsletter Round 350

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Pay attention to Log4j attacks, Dutch National Cybersecurity Centre (NCSC) warns
Vulnerabilities in Control Web Panel potentially expose Linux Servers to hack
US Treasury Department sanctions 4 Ukrainian officials for working with Russian intelligence
A bug in McAfee Agent allows running code with Windows SYSTEM privileges
Experts warn of anomalous spyware campaigns targeting industrial firms
Google Project Zero discloses details of two Zoom zero-day flaws
MoonBounce UEFI implant spotted in a targeted APT41 attack
Conti ransomware gang started leaking files stolen from Bank Indonesia
FBI links the Diavol ransomware to the TrickBot gang
Cisco StarOS flaws could allow remote code execution and information disclosure
Crypto.com hack impacted 483 accounts and resulted in a $34 million theft
Red Cross hit by a sophisticated cyberattack
New BHUNT Stealer targets cryptocurrency wallets
SolarWinds Serv-U bug exploited by threat actors in the wild, Microsoft warns
New DDoS IRC Bot distributed through Korean webHard platforms
UK NCSC shares guidance for organizations to secure their communications with customers
CISA warns of potential critical threats following attacks against Ukraine
Box flaw allowed to bypass MFA and takeover accounts
Is White Rabbit ransomware linked to FIN8 financially motivated group?
AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler
Financially motivated Earth Lusca threat actors targets organizations worldwide
Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs
Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues
A small number of Crypto.com users reported suspicious activity on their wallet
Oracle Critical Patch Update for January 2022 will fix 483 new flaws
Zoho fixes a critical vulnerability (CVE-2021-44757) in Desktop Central solutions
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites
Experts warn of attacks using a new Linux variant of SFile ransomware
Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack
European Union simulated a cyber attack on a fictitious Finnish power company
Microsoft spotted a destructive malware campaign targeting Ukraine
A new wave of Qlocker ransomware attacks targets QNAP NAS devices
Threat actors stole $18.7M from the Lympo NTF platform

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 350 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source