Security Affairs newsletter Round 351
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
QNAP force-installs update against the recent wave of DeadBolt ransomware infections |
US FCC bans China Unicom Americas telecom over national security risks |
NCSC warns UK entities of potential destructive cyberattacks from Russia |
Finnish diplomats’ devices infected with Pegasus spyware |
Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits |
Delta Electronics, a tech giants’ contractor, hit by Conti ransomware |
Experts devise a technique to bypass Microsoft Outlook Security feature |
Puerto Rico was hit by a major cyberattack |
North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks Popular apps left biometric data, IDs of millions of users in danger |
Microsoft mitigated a 3.47 Tbps DDoS attack, the largest one to date |
Lockbit ransomware gang claims to have hacked Ministry of Justice of France |
A new highly evasive technique used to deliver the AsyncRAT Malware |
Experts analyze first LockBit ransomware for Linux and VMware ESXi |
Apple fixed the first two zero-day vulnerabilities of 2022 |
German intelligence agency warns of China-linked APT27 targeting commercial organizations |
New DeadBolt ransomware targets QNAP NAS devices |
VMware urges customers to patch VMware Horizon servers against Log4j attacks |
PwnKit: Local Privilege Escalation bug affects major Linux distros PrinterLogic fixes high severity flaws in Printer Management Suite |
Segway e-store compromised in a Magecart attack to steal credit cards |
UK NCSC is going to release Nmap scripts to find unpatched vulnerabilities |
Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks |
Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access |
Latest version of Android RAT BRATA wipes devices after stealing data |
A flaw in Rust Programming language could allow to delete files and directories |
Tens of AccessPress WordPress themes compromised as part of a supply chain attack |
Russian authorities arrested the kingpin of cybercrime Infraud Organization |
Emotet spam uses unconventional IP address formats to evade detection Crooks tampering with QR Codes to steal victim money and info, FBI warns |
F5 fixes 25 flaws in BIG-IP, BIG-IQ, and NGINX products |
OpenSubtitles data breach impacted 7 million subscribers |
US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog |
Molerats cyberespionage group uses public cloud services as attack infrastructure |
Follow me on Twitter: @securityaffairs and Facebook
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 351 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.