Security Affairs newsletter Round 350
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| Pay attention to Log4j attacks, Dutch National Cybersecurity Centre (NCSC) warns |
| Vulnerabilities in Control Web Panel potentially expose Linux Servers to hack |
| US Treasury Department sanctions 4 Ukrainian officials for working with Russian intelligence |
| A bug in McAfee Agent allows running code with Windows SYSTEM privileges |
| Experts warn of anomalous spyware campaigns targeting industrial firms |
| Google Project Zero discloses details of two Zoom zero-day flaws |
| MoonBounce UEFI implant spotted in a targeted APT41 attack |
| Conti ransomware gang started leaking files stolen from Bank Indonesia |
| FBI links the Diavol ransomware to the TrickBot gang |
| Cisco StarOS flaws could allow remote code execution and information disclosure Crypto.com hack impacted 483 accounts and resulted in a $34 million theft |
| Red Cross hit by a sophisticated cyberattack |
| New BHUNT Stealer targets cryptocurrency wallets |
| SolarWinds Serv-U bug exploited by threat actors in the wild, Microsoft warns |
| New DDoS IRC Bot distributed through Korean webHard platforms |
| UK NCSC shares guidance for organizations to secure their communications with customers |
| CISA warns of potential critical threats following attacks against Ukraine |
| Box flaw allowed to bypass MFA and takeover accounts |
| Is White Rabbit ransomware linked to FIN8 financially motivated group? |
| AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler Financially motivated Earth Lusca threat actors targets organizations worldwide |
| Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs |
| Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues |
| A small number of Crypto.com users reported suspicious activity on their wallet |
| Oracle Critical Patch Update for January 2022 will fix 483 new flaws |
| Zoho fixes a critical vulnerability (CVE-2021-44757) in Desktop Central solutions |
| High-Severity flaw in 3 WordPress plugins impacts 84,000 websites |
| Experts warn of attacks using a new Linux variant of SFile ransomware |
| Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack |
| European Union simulated a cyber attack on a fictitious Finnish power company Microsoft spotted a destructive malware campaign targeting Ukraine |
| A new wave of Qlocker ransomware attacks targets QNAP NAS devices |
| Threat actors stole $18.7M from the Lympo NTF platform |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 350 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
