A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
|U.S. Gov believes North Korea-linked Lazarus APT is behind Ronin Validator cyber heist|
|The unceasing action of Anonymous against Russia|
|Threat actors target the Ukrainian gov with IcedID malware|
|Threat actors use Zimbra exploits to target organizations in Ukraine|
|Conti Ransomware Gang claims responsibility for the Nordex hack|
|ZingoStealer crimeware released for free in the cybercrime ecosystem|
|Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover|
|Google fixed third zero-day in Chrome since the start of 2022|
|Ways to Develop a Cybersecurity Training Program for Employees|
|Analysis of the SunnyDay ransomware|
|US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices|
|CISA adds Windows CLFS Driver Privilege Escalation flaw to its Known Exploited Vulnerabilities Catalog|
|Critical VMware Workspace ONE Access CVE-2022-22954 flaw actively exploited|
|Microsoft has taken legal and technical action to dismantle the Zloader botnet|
|CVE-2021-31805 RCE bug in Apache Struts was finally patched|
|China-linked Hafnium APT leverages Tarrask malware to gain persistence|
|JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals|
|EU officials were targeted with Israeli surveillance software|
|Microsoft Partch Tuesday for April 2022 fixed 10 critical vulnerabilities|
|Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums
Russia-linked Sandworm APT targets energy facilities in Ukraine with wipers
|NGINX project maintainers fix flaws in LDAP Reference Implementation|
|CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog|
|Anonymous hacked Russia’s Ministry of Culture and leaked 446 GB|
|FFDroider, a new information-stealing malware disguised as Telegram app|
|SuperCare Health discloses a data breach that Impacted +300K people|
|Microsoft’s Autopatch feature improves the patch management process|
|Dependency Review GitHub Action prevents adding known flaws in the code|
|Securing Easy Appointments and earning CVE-2022-0482|
|Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict
NB65 group targets Russia with a modified version of Conti’s ransomware
|Facebook blocked Russia and Belarus threat actors’ activity against Ukraine|
Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform
Follow me on Twitter: @securityaffairs and Facebook
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 361 by Pierluigi Paganini appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.