A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
|US DoJ announced to have shut down the Russian RSOCKS Botnet|
|MaliBot Android Banking Trojan targets Spain and Italy|
|Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed|
|Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company|
|A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould|
|BlackCat Ransomware affiliates target unpatched Microsoft Exchange servers
ALPHV/BlackCat ransomware gang starts publishing victims’ data on the clear web
|Researchers disclosed a remote code execution flaw in Fastjson Library|
|Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager|
|Malicious apps continue to spread through the Google Play Store|
|Hertzbleed Side-Channel Attack allows to remotely steal encryption keys from AMD and Intel chips|
|A critical flaw in Citrix Application Delivery Management allows resetting admin passwords|
|Panchan Golang P2P botnet targeting Linux servers in cryptomining campaign|
|Let’s give a look at the Dark Web Price Index 2022|
|A flaw in Zimbra email suite allows stealing login credentials of the users|
|API Security Best Practices
SeaFlower campaign distributes backdoored versions of Web3 wallets to steal seed phrases
|Experts spotted Syslogk, a Linux rootkit under development|
|Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability|
|GALLIUM APT used a new PingPull RAT in recent campaigns|
|HelloXD Ransomware operators install MicroBackdoor on target systems|
|Using WiFi connection probe requests to track users|
|Security Affairs newsletter Round 369 by Pierluigi Paganini|
|Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers|
|HID Mercury Access Controller flaws could allow to unlock Doors|
|Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal|
|PACMAN, a new attack technique against Apple M1 CPUs|
Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.
Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)
To nominate, please visit:
Follow me on Twitter: @securityaffairs and Facebook
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 370 by Pierluigi Paganini appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.