Security Affairs newsletter Round 352
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| LockBit ransomware gang claims to have stolen data from PayBito crypto exchange |
| FBI issued a flash alert on Lockbit ransomware operation |
| CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw |
| Over 500,000 people were impacted by a ransomware attack that hit Morley |
| Ransomware attack hit Swissport International causing delays in flights |
| A nation-state actor hacked media and publishing giant News Corp |
| Retail giant Target open sources Merry Maker e-skimmer detection tool |
| Russia-linked Gamaredon APT targeted a western government entity in Ukraine |
| Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor |
| Microsoft blocked tens of billions of brute-force and phishing attacks in 2021 Exclusive interview with the Powerful Greek Army (PGA) hacker group |
| Cisco fixes critical flaws in its Small Business Routers |
| Antlion APT group used a custom backdoor that allowed them to fly under the radar for months |
| Oil terminals in Europe’s biggest ports hit by a cyberattack |
| Wormhole cryptocurrency platform hacked, crooks stole $326 million, the second-biggest hack of a DeFi platform |
| Trend Micro fixed 2 flaws in Hybrid Cloud Security products |
| Researcher found an Information Disclosure in the Brave browser |
| Sugar Ransomware, a new RaaS in the threat landscape |
| ESET releases fixes for local privilege escalation bug in Windows Applications |
| Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op Experts found 23 flaws in UEFI firmware potentially impact millions of devices |
| Massive social engineering waves have impacted banks in several countries |
| British Council exposed 144,000 files containing student details |
| A cyber attack severely impacted the operations of German petrol distributor Oiltanking GmbH |
| Iran-linked MuddyWater APT group campaign targets Turkish entities |
| RCE in WordPress plugin Essential Addons for Elementor impacts hundreds of thousands of websites |
| Samba fixed CVE-2021-44142 remote code execution flaw |
| CISA adds 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog |
| Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP |
| Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform DeepDotWeb admin sentenced to 97 months in prison for money laundering scheme |
| Expert earned $100,500 bounty to hack Apple MacBook webcam and microphone |
| Americans lost $770 million from social media fraud in 2021, FTC reports |
| Hybrid cloud campaign OiVaVoii targets company executives |
| Expert releases PoC for CVE-2022-21882 Windows local privilege elevation issue |
| Novel device registration trick enhances multi-stage phishing attacks |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 352 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
