Security Affairs newsletter Round 377
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
News
GwisinLocker ransomware exclusively targets South Korea
Researchers spotted a new family of ransomware, named GwisinLocker, that encrypts Windows and Linux ESXi servers. Researchers warn of a...
Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports
Greek intelligence admitted it had spied on a journalist, while citizens ask the government to reveal the use of surveillance...
Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes
Slack is resetting passwords for approximately 0.5% of its users after a bug exposed salted password hashes when users created...
Twitter confirms zero-day used to access data of 5.4 million accounts
Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of...
Well-Architected Framework: Sustainability
One of the key pillars of the AWS Well-Architected Framework (WAF) is sustainability: the idea that cloud applications should be...
Cyber Insurance Market 2022: FAQs & Updates with iBynd
iBynd VP of Insurance, Tim Logan, and Trend Micro’s Cyber Risk Specialist Vince Kearns provide insights on cyber insurance must-haves,...
The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases
Dark Utilities “C2-as-a-Service” is attracting a growing number of customers searching for a command-and-control for their campaigns. The popularity of the...
DHS warns of critical flaws in Emergency Alert System encoder/decoder devices
The U.S. DHS warns of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. The Department of Homeland Security...
CISA adds Zimbra email bug to Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds a recently disclosed flaw in the Zimbra email suite to its Known Exploited...
Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor
A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. Cybersecurity firm Deepwatch...
New Linux botnet RapperBot brute-forces SSH servers
RapperBot is a new botnet employed in attacks since mid-June 2022 that targets Linux SSH servers with brute-force attacks. Researchers...
New Woody RAT used in attacks aimed at Russian entities
An unknown threat actor is targeting Russian organizations with a new remote access trojan called Woody RAT. Malwarebytes researchers observed an...
Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction
A critical flaw in multiple models of DrayTek Vigor routers can allow unauthenticated, remote attackers to fully compromise affected devices....
Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit
Taiwan government websites were temporarily forced offline by cyber attacks during the visit to Taipei of US House Speaker Nancy...
Hackers stole $200 million from the Nomad crypto bridge
The cryptocurrency bridge Nomad is the last victim of a cyber heist, threat actors stole almost $200 million of its...
For months, JusTalk messages were accessible to everyone on the Internet
JusTalk, a popular mobile video calling and messaging app with 20 million global users, exposed a massive database of supposedly...
Cisco addressed critical flaws in Small Business VPN routers
Cisco fixes critical remote code execution vulnerability, tracked as CVE-2022-20842, impacting Small Business VPN routers. Cisco addressed a critical security...
DDoS attacks in Q2 2022
News overview Politically-motivated cyberattacks dominated the DDoS landscape in the second quarter of 2022 just as they did in the...
Lessons from the Russian Cyber Warfare Attacks
Trend Micro experts discuss how the prominence of cyberwarfare in a hyper-connected world is a call for enhanced cyber risk...
US-CERT Bulletin (SB22-213):Vulnerability Summary for the Week of July 25, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Power semiconductor component manufacturer Semikron suffered a ransomware attack
Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattck. Semikron is a German-based independent manufacturer of power semiconductor components, it...
Manjusaka, a new attack tool similar to Sliver and Cobalt Strike
Researchers spotted a Chinese threat actors using a new offensive framework called Manjusaka which is similar to Cobalt Strike. Talos...
Google fixed Critical Remote Code Execution flaw in Android
Google addressed a critical vulnerability in Android OS, tracked as CVE-2022-20345, that can be exploited to achieve remote code execution...
