Security Affairs newsletter Round 330
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the international press subscribe here.
| SEC warns of investment scams related to Hurricane Ida |
| Apple will delay the rollout of new child pornography protection tools |
| FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads |
| Source code for the Babuk is available on a hacking forum |
| USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw |
| Conti ransomware gang targets Microsoft Exchange servers with ProxyShell exploits |
| PRIVATELOG, a new malware that leverages Common Log File System (CLFS) to avoid detection |
| FBI warns of ransomware attacks targeting the food and agriculture sector |
| Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation |
| WhatsApp CVE-2020-1910 bug could have led to user data exposure |
| New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices |
| Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE |
| Cyber Defense Magazine – September 2021 has arrived. Enjoy it! |
| Cisco fixes a critical flaw in Enterprise NFVIS for which PoC exploit exists |
| Google paid over $130K in bounty rewards for the issues addressed with the release of Chrome 93 |
| Mozi infections will slightly decrease but it will stay alive for some time to come |
| QNAP will patche OpenSSL flaws in its NAS devices |
| SEC announces sanctions against entities over email account hacking |
| Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA |
| LockBit ransomware operators leak 200GB of data belonging to Bangkok Airways |
| LockFile Ransomware uses a new intermittent encryption technique |
| Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System |
| HPE wars customers of Sudo flaw in Aruba AirWave Management Platform |
| Threat actors stole $29 million worth of crypto assets from Cream Finance |
| Microsoft Exchange ProxyToken flaw can allow attackers to read your emails |
| US DoJ announces the creation of Cyber Fellowship Program |
| ISRAELI FIRM ‘BRIGHT DATA’ (LUMINATI NETWORKS) ENABLED THE ATTACKS AGAINST KARAPATAN |
| CISA urges enterprises to fix Microsoft Azure Cosmos DB flaw |
| Boston Public Library discloses cyberattack |
| New variant of Konni RAT used in a campaign that targeted Russia |
| 1 GB of data belonging to Puma available on Marketo |
| DDoS attacks target the Philippine human rights alliance Karapatan |
| Some Synology products impacted by recently disclosed OpenSSL flaws |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
If you want to also receive for free the international press subscribe here.
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
If you want to also receive for free the international press subscribe here.
Follow me on Twitter: @securityaffairs and Facebook
The post Security Affairs newsletter Round 330 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
