Security Affairs newsletter Round 398 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Samba addressed multiple high-severity vulnerabilities
Former Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi Arabia
Social Blade discloses security breach
Data of 5.7M Gemini users available for sale on hacking forums
December 16, 2022  By Pierluigi Paganini   Posted In  Breaking News  Cyber Crime  Data Breach  Hacking 
CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog
MCCrash botnet targets private Minecraft servers, Microsoft warns
Microsoft revised CVE-2022-37958 severity due to its broader scope
Chinese MirrorFace APT group targets Japanese political entities
Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for sale
FBI seized 48 domains linked to DDoS-for-Hire service platforms
Crooks use HTML smuggling to spread QBot malware via SVG files
GoTrim botnet actively brute forces WordPress and OpenCart sites
December 2022 Patch Tuesday fixed 2 zero-day flaws
Apple fixed the tenth actively exploited zero-day this year
3.5m IP cameras exposed, with US in the lead
VMware fixed critical VM Escape bug demonstrated at Geekpwn hacking contest
Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway
Lockbit ransomware gang hacked California Department of Finance
Experts detailed a previously undetected VMware ESXi backdoor
Twitter says recently leaked user data are from 2021 breach
Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug
Indian foreign ministry’s Global Pravasi Rishta portal leaks expat passport details
Cryptomining campaign targets Linux systems with Go-based CHAOS Malware
Evilnum group targets legal entities with a new Janicab variant
TrueBot infections were observed in Clop ransomware attacks
Pwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-days
MuddyWater APT group is back with updated TTPs

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 398 by Pierluigi Paganini appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source