Wed. Jul 6th, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

US DoJ announced to have shut down the Russian RSOCKS Botnet
MaliBot Android Banking Trojan targets Spain and Italy
Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed
Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company
A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould
BlackCat Ransomware affiliates target unpatched Microsoft Exchange servers
ALPHV/BlackCat ransomware gang starts publishing victims’ data on the clear web
Researchers disclosed a remote code execution flaw in Fastjson Library
Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager
Malicious apps continue to spread through the Google Play Store
Hertzbleed Side-Channel Attack allows to remotely steal encryption keys from AMD and Intel chips
A critical flaw in Citrix Application Delivery Management allows resetting admin passwords
Panchan Golang P2P botnet targeting Linux servers in cryptomining campaign
Let’s give a look at the Dark Web Price Index 2022
A flaw in Zimbra email suite allows stealing login credentials of the users
API Security Best Practices
SeaFlower campaign distributes backdoored versions of Web3 wallets to steal seed phrases
Experts spotted Syslogk, a Linux rootkit under development
Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability
GALLIUM APT used a new PingPull RAT in recent campaigns
HelloXD Ransomware operators install MicroBackdoor on target systems
Using WiFi connection probe requests to track users
Security Affairs newsletter Round 369 by Pierluigi Paganini
Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
HID Mercury Access Controller flaws could allow to unlock Doors
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal
PACMAN, a new attack technique against Apple M1 CPUs

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit:

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 370 by Pierluigi Paganini appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.


Original Source