Security Affairs newsletter Round 387

Pierluigi Paganini October 09, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

BlackByte Ransomware abuses vulnerable driver to bypass security solutions
Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
VMware fixed a high-severity bug in vCenter Server
Fortinet urges customers to immediately fix a critical authentication bypass flaw in FortiGate and FortiProxy
Hacker stole $566 million worth of Binance Coins from Binance Bridge
LilithBot Malware, a new MaaS offered by the Eternity Group
Watch out, a bug in Linux Kernel 5.19.12 can damage displays on Intel laptops
Cisco fixed two high-severity bugs in Communications, Networking Products
City of Tucson Data Breach impacted 123,500 individuals
19-Year-Old man arrested for misusing leaked record from Optus Breach
“Egypt Leaks” – Hacktivists are Leaking Financial Data
Avast releases a free decryptor for some Hades ransomware variants
New Maggie malware already infected over 250 Microsoft SQL servers
Telstra Telecom discloses data breach impacting former and current employees
OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel
A flaw in the Packagist PHP repository could have allowed supply chain attacks
Lazarus APT employed an exploit in a Dell firmware driver in recent attacks
Linux Cheerscrypt ransomware is linked to Chinese DEV-0401 APT group
Microsoft mitigations for recently disclosed Exchange zero-days can be easily bypassed
Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor
RansomEXX gang claims to have hacked Ferrari and leaked online internal documents
Finnish intelligence warns of Russia’s cyberespionage activities
Reflected XSS bugs in Canon Medical ’s Vitrea View could expose patient info
BlackCat ransomware gang claims to have hacked US defense contractor NJVC
German police identified a gang that stole €4 million via phishing attacks

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment