Security Affairs newsletter Round 352

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange
FBI issued a flash alert on Lockbit ransomware operation
CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw
Over 500,000 people were impacted by a ransomware attack that hit Morley
Ransomware attack hit Swissport International causing delays in flights
A nation-state actor hacked media and publishing giant News Corp
Retail giant Target open sources Merry Maker e-skimmer detection tool
Russia-linked Gamaredon APT targeted a western government entity in Ukraine
Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor
Microsoft blocked tens of billions of brute-force and phishing attacks in 2021
Exclusive interview with the Powerful Greek Army (PGA) hacker group
Cisco fixes critical flaws in its Small Business Routers
Antlion APT group used a custom backdoor that allowed them to fly under the radar for months
Oil terminals in Europe’s biggest ports hit by a cyberattack
Wormhole cryptocurrency platform hacked, crooks stole $326 million, the second-biggest hack of a DeFi platform
Trend Micro fixed 2 flaws in Hybrid Cloud Security products
Researcher found an Information Disclosure in the Brave browser
Sugar Ransomware, a new RaaS in the threat landscape
ESET releases fixes for local privilege escalation bug in Windows Applications
Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op
Experts found 23 flaws in UEFI firmware potentially impact millions of devices
 
Massive social engineering waves have impacted banks in several countries
British Council exposed 144,000 files containing student details
A cyber attack severely impacted the operations of German petrol distributor Oiltanking GmbH
Iran-linked MuddyWater APT group campaign targets Turkish entities
RCE in WordPress plugin Essential Addons for Elementor impacts hundreds of thousands of websites
Samba fixed CVE-2021-44142 remote code execution flaw
CISA adds 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog
Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP
Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform
DeepDotWeb admin sentenced to 97 months in prison for money laundering scheme
Expert earned $100,500 bounty to hack Apple MacBook webcam and microphone
 
Americans lost $770 million from social media fraud in 2021, FTC reports
Hybrid cloud campaign OiVaVoii targets company executives
Expert releases PoC for CVE-2022-21882 Windows local privilege elevation issue
Novel device registration trick enhances multi-stage phishing attacks

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 352 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source