Security Affairs newsletter Round 369 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
HID Mercury Access Controller flaws could allow to unlock Doors
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal
PACMAN, a new attack technique against Apple M1 CPUs
Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign
Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
Symbiote, a nearly-impossible-to-detect Linux malware
Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia
New Emotet variant uses a module to steal data from Google Chrome
Tainted CCleaner Pro Cracker spreads via Black Seo campaign
0Patch released unofficial security patch for new DogWalk Windows zero-day
US dismantled and seized SSNDOB cybercrime marketplace
China-linked threat actors have breached telcos and network service providers
Black Basta ransomware now supports encrypting VMware ESXi servers
Evil Corp gang starts using LockBit Ransomware to evade sanctions
Black Basta ransomware operators leverage QBot for lateral movements
Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant
Microsoft seized 41 domains used by Iran-linked Bohrium APT
Another nation-state actor exploits Microsoft Follina to attack European and US entities
Red TIM Research discovers a Command Injection with a 9,8 score on Resi
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies
PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online
Security Affairs newsletter Round 368 by Pierluigi Paganini
Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 369 by Pierluigi Paganini appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source