Security Affairs newsletter Round 398 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| Samba addressed multiple high-severity vulnerabilities |
| Former Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi Arabia |
| Social Blade discloses security breach |
| Data of 5.7M Gemini users available for sale on hacking forums |
| December 16, 2022 By Pierluigi Paganini Posted In Breaking News Cyber Crime Data Breach Hacking |
| CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog |
| MCCrash botnet targets private Minecraft servers, Microsoft warns |
| Microsoft revised CVE-2022-37958 severity due to its broader scope |
| Chinese MirrorFace APT group targets Japanese political entities Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for sale |
| FBI seized 48 domains linked to DDoS-for-Hire service platforms |
| Crooks use HTML smuggling to spread QBot malware via SVG files |
| GoTrim botnet actively brute forces WordPress and OpenCart sites |
| December 2022 Patch Tuesday fixed 2 zero-day flaws |
| Apple fixed the tenth actively exploited zero-day this year |
| 3.5m IP cameras exposed, with US in the lead |
| VMware fixed critical VM Escape bug demonstrated at Geekpwn hacking contest |
| Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway |
| Lockbit ransomware gang hacked California Department of Finance Experts detailed a previously undetected VMware ESXi backdoor |
| Twitter says recently leaked user data are from 2021 breach |
| Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug |
| Indian foreign ministry’s Global Pravasi Rishta portal leaks expat passport details |
| Cryptomining campaign targets Linux systems with Go-based CHAOS Malware |
| Evilnum group targets legal entities with a new Janicab variant |
| TrueBot infections were observed in Clop ransomware attacks |
| Pwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-days |
| MuddyWater APT group is back with updated TTPs |
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 398 by Pierluigi Paganini appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
