Security Affairs newsletter Round 367 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
The strange link between Industrial Spy and the Cuba ransomware operation
Reuters: Russia-linked APT behind Brexit leak website
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
Android pre-installed apps are affected by high-severity vulnerabilities
GhostTouch: how to remotely control touchscreens with EMI
FBI: Compromised US academic credentials available on various cybercrime forums
ERMAC 2.0 Android Banking Trojan targets over 400 apps
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
Exposed: the threat actors who are poisoning Facebook
Zyxel addresses four flaws affecting APs, AP controllers, and firewalls
Experts warn of a new malvertising campaign spreading the ChromeLoader
Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed
Italy announced its National Cybersecurity Strategy 2022/26
Unknown APT group is targeting Russian government entities
Internationa police operation led to the arrest of the SilverTerrier gang leader
Chaining Zoom bugs is possible to hack users in a chat by sending them a message
CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog
Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT
Microsoft warns of new highly evasive web skimming campaigns
Nation-state malware could become a commodity on dark web soon, Interpol warns
Russia-linked Turla APT targets Austria, Estonia, and NATO platform
Russia-linked Fronton botnet could run disinformation campaigns
A flaw in PayPal can allow attackers to steal money from users’ account
Cytrox’s Predator spyware used zero-day exploits in 3 campaigns
Threat actors target the infoSec community with fake PoC exploits
Security Affairs newsletter Round 366 by Pierluigi Paganini
North Korea-linked Lazarus APT uses Log4J to target VMware servers
The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 367 by Pierluigi Paganini appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source