Security Affairs newsletter Round 292

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

A critical flaw in industrial automation systems opens to remote hack
Crooks stole 800,000€ from ATMs in Italy with Black Box attack
Operators behind Dark Caracal are still alive and operational
Sopra Steria estimates financial Impact of ransomware attack could reach €50 Million
Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang
Exclusive: Experts from TIMs Red Team Research (RTR) found 6 zero-days
Exploring malware to bypass DNA screening and lead to ‘biohacking attacks
University of Vermont Medical Center has yet to fully recover from October cyber attack
Baltimore County Schools close after a ransomware attack
DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882
French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ TB of confidential data
Malicious npm packages spotted delivering njRAT Trojan
Talos reported WebKit flaws in WebKit that allow Remote Code Execution
UK gov bans new Huawei equipment installs after Sept 2021
Vietnam-linked Bismuth APT leverages coin miners to stay under the radar
APT groups targets US Think Tanks, CISA, FBI warn
Google discloses a zero-click Wi-Fi exploit to hack iPhone devices
K12 education giant paid the ransom to the Ryuk gang
Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement
Russia-linked APT Turla used a new malware toolset named Crutch
A scan of 4 Million Docker images reveals 51% have critical flaws
Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land
Hackers are targeting COVID-19 vaccine cold chain
TrickBoot feature allows TrickBot bot to run UEFI attacks
Egregor ransomware attack paralyzed for 3 days payment systems at Metro Vancouvers transportation agency TransLink
Hackers hide software skimmer in social media sharing icons
Hundreds of millions of Android users exposed to hack due to CVE-2020-8913
Iranian hackers access unsecured HMI at Israeli Water Facility
Islamic imprisoned hacker Ardit Ferizi ordered to be deported
Recently disclosed CVE-2020-4006 VMware zero-day was reported by NSA
Cyber mercenaries group DeathStalker uses a new backdoor
Human resource consulting giant Randstad hit by Egregor ransomware

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 292 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

MANY THANKS GO TO THE

Original Source