Security Affairs newsletter Round 257

Pierluigi Paganini March 29, 2020

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Coronavirus-themed attacks March 15 – March 21, 2020
Google addresses high severity bugs in Chrome
Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records
Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records
538 Million Weibo users records being sold on Dark Web
Botnet operators target multiple zero-day flaws in LILIN DVRs
Coronavirus-themed campaign delivers a new variant of Netwalker Ransomware
Microsoft warns of targeted attacks exploiting Windows zero-day flaws
Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks
The University of Utah Health discloses security breach
Adobe addressed a critical vulnerability in Adobe Creative Cloud App that allows deleting files
Fortune 500 tech giant General Electric (GE) discloses data breach after Canon hack
MalwareBazaar – welcome to the abuse-ch malware repository
New York Attorney General asks domain registrars to crack down on coronavirus scam sites
WildPressure, a new APT group targets the Middle Easts industrial sector
China-linked APT41 group exploits Citrix, Cisco, Zoho flaws
Fake Coronavirus Finder spread Ginp Mobile Banker
Tor Browser 9.0.7 addresses a flaw that could allow unmasking Tor users
Tupperware website has been compromised with a payment card skimmer
FBI shuts down the Russian-based hacker platform DEER.IO
Hackers hijack D-Link and Linksys routers to point users to coronavirus-themed sites serving malware
Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks
Stealing videos from VLC
WordPress WP-VCD malware delivered via pirated Coronavirus plugins
0patch releases free unofficial patches for Windows 0days exploited in the wild
A missing authorization check in WordPre WPvivid plugin that can lead to the exposure of the database and all files
Google issued 40,000 alerts of State-Sponsored attacks in 2019
New financially motivated attacks in Western Europe traced to Russian-speaking threat actors
Ryuk Ransomware operators continue to target hospitals during COVID19 outbreak
AMD admits hacker stole source code files related to its GPUs
Critical buffer overflow in CODESYS allows remote code execution
Hackers target zero-day flaws in enterprise Draytek network devices
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment