Security Affairs newsletter Round 368 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Anonymous: Operation Russia after 100 days of war
GitLab addressed critical account take over via SCIM email change
LuoYu APT delivers WinDealer malware via man-on-the-side attacks
Clipminer Botnet already allowed operators to make at least $1.7 Million
Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited
Microsoft blocked Polonium attacks against Israeli organizations
LockBit ransomware attack impacted production in a Mexican Foxconn plant
Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks
An international police operation dismantled FluBot spyware
A critical RCE flaw in Horde Webmail has yet to be addressed
New XLoader Botnet version uses new techniques to obscure its C2 servers
Experts uncovered over 3.6M accessible MySQL servers worldwide
China-linked TA413 group actively exploits Microsoft Follina zero-day flaw
Hive ransomware gang hit Costa Rica public health service
SideWinder carried out over 1,000 attacks since April 2020
Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina
Experts warn of ransomware attacks against government organizations of small states
Three Nigerian men arrested in INTERPOL Operation Killer Bee
A new WhatsApp OTP scam could allow the hijacking of users’ accounts
Multiple Microsoft Office versions impacted by an actively exploited zero-day
GoodWill Ransomware victims have to perform socially driven activities to decryption their data
EnemyBot malware adds new exploits to target CMS servers and Android devices
Pro-Russian hacker group KillNet plans to attack Italy on May 30
US man sentenced to 4 years in prison for his role in Infraud scheme

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 368 by Pierluigi Paganini appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source