Security Affairs newsletter Round 371 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Oracle spent 6 months to fix ‘Mega’ flaws in the Fusion Middleware
Multiple malicious packages in PyPI repository found stealing AWS secrets
Attackers exploited a zero-day in Mitel VOIP devices to compromise a network 
Threat actors continue to exploit Log4Shell in VMware Horizon Systems
Vulnerabilities in the Jacuzzi SmartTub app could allow to access users’ data
Google TAG argues that Italian surveillance firm RCS Labs was helped by ISPs to infect mobile users
Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor
NSO Group told lawmakers that Pegasus spyware was used by at least 5 European countries
QNAP warns of a critical PHP flaw that could lead to remote code execution
Researchers found flaws in MEGA that allowed to decrypt of user data
Exclusive: Lithuania under cyber-attack after the ban on Russian railway goods
Magecart attacks are still around but are more difficult to detect
Thank you!!! SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022
Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer
Flagstar Bank discloses a data breach that impacted 1.5 Million individuals
New ToddyCat APT targets high-profile entities in Europe and Asia
New DFSCoerce NTLM relay attack allows taking control over Windows domains
Cybercriminals Use Azure Front Door in Phishing Attacks
Russian APT28 hacker accused of the NATO think tank hack in Germany
Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild
Security Affairs newsletter Round 370 by Pierluigi Paganini
Cisco will not address critical RCE in end-of-life Small Business RV routers
BRATA Android Malware evolves and targets the UK, Spain, and Italy
Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild
Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 371 by Pierluigi Paganini appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source