Security Affairs newsletter Round 354
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| CISA compiled a list of free cybersecurity tools and services |
| White House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRU |
| UpdraftPlus WordPress plugin update forced for million sites |
| Google Privacy Sandbox promises to protect user privacy online |
| Iran-linked TunnelVision APT is actively exploiting the Log4j vulnerability |
| CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager |
| Researchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bug |
| Threat actors leverage Microsoft Teams to spread malware |
| Specially crafted emails could crash Cisco ESA devices |
| European Data Protection Supervisor call for bans on surveillance spyware like Pegasus New Kraken botnet is allowing operators to earn USD 3,000 every month |
| Nation-state actors hacked Red Cross exploiting a Zoho bug |
| Russia-linked threat actors breached US cleared defense contractors (CDCs) |
| Trickbot targets customers of 60 High-Profile companies |
| Experts disclose details of Apache Cassandra DB RCE |
| CISA added 9 new flaws to the Known Exploited Vulnerabilities Catalog, including Magento e Chrome bugs |
| VMware fixes flaws demonstrated at Chinese Tianfu Cup hacking contest |
| Ukraine: Military defense agencies and banks hit by cyberattacks |
| QNAP extends security Updates for some EOL devices |
| BlackCat gang claimed responsibility for Swissport ransomware attack Google fixes a Chrome zero-day flaw actively exploited in attacks |
| Remote sex toys might spice up your love life – but crooks could also get a kick out of them |
| SSU: Russia-linked actors are targeting Ukraine with ‘massive wave of hybrid warfare’ |
| BlackByte ransomware breached at least 3 US critical infrastructure organizations |
| European Central Bank tells banks to step up defences against nation-state attacks |
| Critical Magento zero-day flaw CVE-2022-24086 actively exploited |
| Alleged ransomware attack disrupted operations at Slovenia’s Pop TV station |
| Organizations paid at least $602 million to ransomware gangs in 2021 |
| San Francisco 49ers NFL team discloses BlackByte ransomware attack |
| Analyzing Phishing attacks that use malicious PDFs |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 354 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
