Security Affairs newsletter Round 290

Pierluigi Paganini November 22, 2020

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Chilean-based retail giant Cencosud hit by Egregor Ransomware
ShinyHunters hacked Pluto TV service, 3.2M accounts exposed
The North Face website suffered a credential stuffing attack
Crooks use software skimmer that pretends to be a security firm
Lazarus malware delivered to South Korean users via supply chain attacks
New Jupyter information stealer appeared in the threat landscape
New skimmer attack uses WebSockets to evade detection
Unprotected database exposed a scam targeting 100K+ Facebook accounts
246869 Windows systems are still vulnerable to the BlueKeep flaw
At-Risk Meeting Notifier Zoom feature alerts meeting organizers of Zoombombing risk
Chinese APT FunnyDream targets a South East Asian government
Expert publicly discloses PoC code for critical RCE issues in Cisco Security Manager
Happy birthday, Security Affairs celebrates its ninth Anniversary today
Unixfreaxjp at #R2CON2020 presented shellcode basics for radare2
VoltPillager: Hardware-based fault injection attacks against Intel SGX enclaves
China-linked APT10 leverages ZeroLogon exploits in recent attacks
Cisco fixed flaws in WebEx that allow ghost participants in meetings
Large-scale campaign targets vulnerable Epsilon Framework WordPress themes
Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection
Phishing campaign targets LATAM e-commerce users with Chaes Malware
The Defeated President Trump fired CISA chief Chris Krebs
A flaw in GO SMS Pro App allows accessing media messages
Drupal addressed CVE-2020-13671 Remote Code Execution flaw
Nation-state actors from Russia, China, Iran, and North Korea target Canada
New Grelos skimmer variant reveals murkiness in tracking Magecart operations
REvil ransomware demands 500K ransom to hosting provider
We infiltrated an IRC botnet. Heres what we found
A flaw in Facebook Messenger could have allowed spying on users
Mitsubishi Electric Corp. was hit by a new cyberattack
October Mumbai power outage may have been caused by a cyber attack
QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor
VMware addresses flaws exploited at recent Tianfu Cup
Dutch tech reporter gatecrashes EU defence secret video conference
Experts warn of mass-scanning for ENV files left unsecured online
Manchester United hit by ‘sophisticated cyber attack
UK reveals new National Cyber Force to improve offensive cyber capabilities

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment