Security Affairs newsletter Round 289

Pierluigi Paganini November 15, 2020

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Creative Office 365 phishing inverts images to avoid detection bots
Luxottica data breach exposes info of LensCrafters and EyeMed patients
Pwn2Own Tokyo Day 3: Team Flashback crowned Master of Pwn
Compal, the Taiwanese giant laptop manufacturer hit by ransomware
E-commerce platform X-Cart hit by a ransomware attack
FBI warns of attacks on unsecured SonarQube used by US govt agencies and businesses
Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others
xHunt hackers hit Microsoft Exchange with two news backdoors
Adobe fixes flaws in Connect and Reader Mobile
Flaws in WordPress Ultimate Member plugin expose 25K sites to hack
Malicious NPM project steals browser info and Discord accounts
Prestige reservation platform exposes millions of hotel guests
Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike
Tetrade hackers target 112 financial apps with Ghimob banking Trojan
EU bodies agree on new EU export rules for dual-use technology
Former Microsoft worker sentenced to nine years in prison for stealing $10+ million
Google and Mozilla fixed issues exploited at 2020 Tianfu Cup hacking contest
Microsoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitation
Muhstik botnet adds Oracle WebLogic and Drupal exploits
Ragnar Locker ransomware gang advertises Campari hack on Facebook
The alleged decompiled source code of Cobalt Strike toolkit leaked online
46M accounts were impacted in the data breach of childrens online playground Animal Jam
Costaricto APT: Cyber mercenaries use previously undocumented malware
Google addresses two new Chrome zero-day flaws
New modular ModPipe POS Malware targets restaurants and hospitality sectors
Swedish court suspended the ban on Huawei equipment
Hacker stole $2 million worth of Dai cryptocurrency from Akropolis
New TroubleGrabber malware targets Discord users
Security flaws in Schneider Electric PLCs allow full take over
Three APT groups have targeted at least seven COVID-19 vaccine makers
Vertafore data breach exposed data of 27.7 million Texas drivers
Biotech research firm Miltenyi Biotec hit by Mount Locker ransomware
CISA Chief Chris Krebs expects to be fired by the White House
Schneider Electric published a security advisory on Drovorub Linux Malware
[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment