Security Affairs newsletter Round 386
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog |
| Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries |
| Luxury hotel chain Shangri-La suffered a security breach |
| Witchetty APT used steganography in attacks against Middle East entities |
| US DoD announced the results of the Hack US bug bounty challenge |
| Microsoft confirms Exchange zero-day flaws actively exploited in the wild |
| Unpatched Microsoft Exchange Zero-Day actively exploited in the wild |
| Experts uncovered novel Malware persistence within VMware ESXi Hypervisors |
| Hacker groups support protestors in Iran using Telegram, Signal and Darkweb A cracked copy of Brute Ratel post-exploitation tool leaked on hacking forums |
| Go-based Chaos malware is rapidly growing targeting Windows, Linux and more |
| Threat actors use Quantum Builder to deliver Agent Tesla malware |
| ONLINE DISINFORMATION: Under the hood of a Doppelgänger |
| APT28 relies on PowerPoint Mouseover to deliver Graphite malware |
| Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks |
| NUVOLA: the new Cloud Security tool |
| Meta dismantled the largest Russian network since the war in Ukraine began |
| North Korea-linked Lazarus continues to target job seekers with macOS malware |
| Defense firm Elbit Systems of America discloses data breach WhatsApp fixed critical and high severy vulnerabilities |
| Erbium info-stealing malware, a new option in the threat landscape |
| Mandiant identifies 3 hacktivist groups working in support of Russia |
| Russia prepares massive cyberattacks on the critical infrastructure of Ukraine and its allies |
| China-linked TA413 group targets Tibetan entities with new backdoor |
| Metador, a never-before-seen APT targeted ISPs and telco for about 2 years |
| Exmatter exfiltration tool used to implement new extortion tactics |
| Attackers impersonate CircleCI platform to compromise GitHub accounts |
| OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 386 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
