Security Affairs newsletter Round 207 – News of the week

Pierluigi Paganini March 31, 2019

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

Federal Emergency Management Agencys (FEMA) data leak exposes data of 2.3M survivors
Malware Static Analysis
Microsoft Defender APT now protects also macOS
WordPress Social Warfare plugin zero-day exploited in attacks
Anubis II – malware and afterlife
Free Tools: spotting APTs through Malware streams
Hackers raised fake tornado alarms in two Texas towns
Operation ShadowHammer – Supply-Chain attack hit ASUS users
PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel
Telegram allows users to delete any sent/received message from both sides with no time limit
How to get back files encrypted by the Hacked Ransomware for free
iOS 12.2 update addresses some troubling vulnerabilities
Microsoft experts found high severity flaws in Huawei PCManager
The Ursnif Gangs keep Threatening Italy
Whitehat settings allow white hat hackers to Test Facebook mobile apps
A new AZORult C++ variant can establish RDP connections
Experts found 36 vulnerabilities in the LTE protocol
LUCKY ELEPHANT campaign targets South Asian governments
Norsk Hydro estimates losses between $35M – $41M in the first week after cyberattack
Operation SaboTor – Police arrested 61 vendors and buyers in the dark web
Android Trojan Gustuff capable of targeting more than 100 global banking apps, cryptocurrency and marketplace applications
ASUS fixes supply chain of Live Update tool hit in Operation ShadowHammer
Gustuff Android banking trojan targets 125+ banking, and 32 cryptocurrency apps
Lazarus APT continues to target cryptocurrency businesses with Mac malware
New Shodan Monitor service allows tracking Internet-Exposed devices
WinRAR CVE-2018-20250 flaw exploited in multiple campaigns
Commando VM – Using Windows for pen testing and red teaming
Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers
Magento fixed a critical Magento SQL Injection flaw
Malware researchers decrypted the Qrypter Payload
Millions of Toyota customer records exposed in data breach
Victims of attacks in the Philippines are filing lawsuit against company enabling them
Exodus, a government malware that infected innocent victims
Expert disclosed two Zero-Day flaws in Microsoft browsers
Initial fixes for Cisco RV320 and RV325 routers were incomplete
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment