Security Affairs newsletter Round 343

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users
German BSI agency warns of ransomware attacks over Christmas holidays
Cuba ransomware gang hacked 49 US critical infrastructure organizations
CISA warns of vulnerabilities in Hitachi Energy products
NSO Group spyware used to compromise iPhones of 9 US State Dept officials
KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relays
Threat actors stole $120 M in crypto from BadgerDAO DeFi platform
Watch out for Omicron COVID-19-themed phishing messages!
CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues
Russian internet watchdog Roskomnadzor bans six more VPN services
NginRAT – A stealth malware targets e-store hiding on Nginx servers
Europol arrested 1800 money mules as part of an anti-money-laundering operation
Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library
VirusTotal Collections allows enhancing the sharing of Indicators of Compromise (IoCs)
New RTF Template Inject technique used by APT groups in recent attacks
FBI training document shows lawful access to multiple encrypted messaging apps
Sabbath Ransomware target critical infrastructure in the US and Canada
Play the Opera Please – Opera patches a flaw in their turbo servers
New EwDoor Botnet is targeting AT&T customers
Critical Printing Shellz flaws impact 150 HP multifunction printer models
WIRTE APT group targets the Middle East since at least 2019
4 Android banking trojans were spread via Google Play infecting 300.000+ devices
Google experts found 2 flaws in video conferencing software Zoom
Panasonic confirmed that its network was illegally accessed by attackers
Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server
Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition
Israel cut cyber export list, excluding totalitarian regimesa
French court indicted Nexa Technologies for complicity in acts of torture
RATDispenser, a new stealthy JavaScript loader used to distribute RATs
North Korea-linked Zinc group posed as Samsung recruiters to target security firms
0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day

F

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 343 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source