Security Affairs newsletter Round 359 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church |
| UK Police charges two teenagers for their alleged role in the Lapsus$ extortion group |
| Beastmode Mirai botnet now includes exploits for Totolink routers |
| Ukraine intelligence leaks names of 620 alleged Russian FSB agents |
| Critical CVE-2022-1162 flaw in GitLab allowed threat actors to take over accounts |
| Trend Micro fixed high severity flaw in Apex Central product management console |
| Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked |
| AcidRain, a wiper that crippled routers and modems in Europe |
| Zyxel fixes a critical bug in its business firewall and VPN devices |
| CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog Flaws in Wyze cam devices allow their complete takeover |
| Apple issues emergency patches to fix actively exploited zero-days |
| Google TAG details cyber activity with regard to the invasion of Ukraine |
| Anonymous hacked Russian Thozis Corp, but denies attacks on Rosaviatsia |
| Mysterious disclosure of a zero-day RCE flaw Spring4Shell in Spring |
| Bad OPSEC allowed researchers to uncover Mars stealer operation |
| A critical RCE vulnerability affects SonicWall Firewall appliances |
| CISA and DoE warns of attacks targeting UPS devices |
| Lapsus$ extortion gang claims to have hacked IT Giant Globant |
| Threat actors actively exploit recently fixed Sophos firewall bug $625M stolen from Axie Infinity ‘s Ronin bridge, the largest ever crypto hack |
| Compromised WordPress sites launch DDoS on Ukrainian websites |
| CISA adds Chrome, Redis bugs to the Known Exploited Vulnerabilities Catalog |
| What is credential stuffing? And how to prevent it? |
| Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure |
| Anonymous is working on a huge data dump that will blow Russia away |
| Hive ransomware ports its encryptor to Rust programming language |
| Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability |
| While Twitter suspends Anonymous accounts, the group hacked VGTRK Russian Television and Radio |
| GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon Shopping trap: The online stores’ scam that hits users worldwide |
| Sophos Firewall affected by a critical authentication bypass flaw |
| Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict |
| Security Affairs newsletter Round 358 by Pierluigi Paganini |
| Western Digital addressed a critical bug in My Cloud OS 5 |
| CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 359 by Pierluigi Paganini appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
