Security Affairs newsletter Round 390
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
Daixin Team targets health organizations with ransomware, US agencies warn |
Threat actors exploit critical flaw in VMware Workspace ONE Access to drop ransomware, miners |
EnergyAustralia Electricity company discloses security breach |
Experts warn of CVE-2022-42889 Text4Shell exploit attempts |
CISA adds Linux kernel flaw CVE-2021-3493 to its Known Exploited Vulnerabilities Catalog |
GUAC – A Google Open Source Project to secure software supply chain |
News URSNIF variant doesn’t support banking features |
Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients |
Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update BlueBleed: Microsoft confirmed data leak exposing customers’ info |
Internet disruptions observed as Russia targets critical infrastructure in Ukraine |
Brazilian police arrested a man suspected of being a member of LAPSUS$ gang |
Experts discovered millions of .git folders exposed to public |
Text4Shell, a remote code execution bug in Apache Commons Text library |
Researchers share of FabriXss bug impacting Azure Fabric Explorer |
The missed link between Ransom Cartel and REvil ransomware gangs |
Microsoft Office 365 Message Encryption (OME) doesn’t ensure confidentiality |
Law enforcement arrested 31 suspects for stealing cars by hacking key fobs |
China-linked APT41 group targets Hong Kong with Spyder Loader Critical Remote Code Execution issue impacts popular post-exploitation toolkit Cobalt Strike |
Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684 |
CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration |
Retail giant Woolworths discloses data breach of MyDeal online marketplace |
New UEFI rootkit Black Lotus offered for sale at $5,000 |
Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted |
Bulgaria hit by a cyber attack originating from Russia |
Interpol arrested 75 members of the cybercrime ring Black Axe |
45,654 VMware ESXi servers reached End of Life on Oct. 15 |
Mysterious Prestige ransomware targets organizations in Ukraine and Poland |
Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug |
Follow me on Twitter: @securityaffairs and Facebook
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 390 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.