A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Abandoned Eval PHP WordPress plugin abused to backdoor websitesCISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalogAt least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attackAmerican Bar Association (ABA) suffered a data breach,1.4 million members impactedPro-Russia hackers launched a massive attack against the EUROCONTROL agencyCisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutionsIntro to phishing: simulating attacks to build resiliencyMultinational ICICI Bank leaks passports and credit card numbersVMware fixed a critical flaw in vRealize that allows executing arbitrary code as rootLazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attackExperts disclosed two critical flaws in Alibaba cloud database servicesGoogle TAG warns of Russia-linked APT groups targeting UkraineTrigona Ransomware targets Microsoft SQL serversRussian national sentenced to time served for committing money laundering for the Ryuk ransomware operationGoogle fixed the second actively exploited Chrome zero-day of 2023US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flawsIran-linked Mint Sandstorm APT targeted US critical infrastructurePWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022Experts temporarily disrupted the RedLine Stealer operationsCISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog
The intricate relationships between the FIN7 group and members of the Conti ransomware gangIsraeli surveillance firm QuaDream is shutting down amidst spyware accusationsNew QBot campaign delivered hijacking business correspondenceChina-linked APT41 group spotted using open-source red teaming tool GC2Vice Society gang is using a custom PowerShell tool for data exfiltrationExperts warn of an emerging Python-based credential harvester named LegionExperts found the first LockBit encryptor that targets macOS systemsNCR was the victim of BlackCat/ALPHV ransomware gangRemcos RAT campaign targets US accounting and tax return preparation firms
Intelligence and Information Warfare
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:
The Teacher – Most Educational Blog
The Entertainer – Most Entertaining Blog
The Tech Whizz – Best Technical Blog
Best Social Media Account to Follow (@securityaffairs)
Please nominate Security Affairs as your favorite blog.
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition appeared first on Security Affairs.