Security Affairs newsletter Round 333
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the international press subscribe here.
GSS, one of the major European call center providers, suffered a ransomware attackThreat actors are attempting to exploit VMware vCenter CVE-2021-22005 flawGoogle addressed the eleventh Chrome zero-day flaw this yearEuropean Union formally blames Russia for the GhostWriter operationCVE-2021-20034 flaw can allow SMA 100 device takeover, patch it now!Researcher released PoC exploit code for 3 iOS zero-day issuesCisco addresses 3 critical vulnerabilities in IOS XE Software3.8 billion Clubhouse and Facebook user records allegedly scraped and merged, put for sale onlineNew FamousSparrow APT group used ProxyLogon exploits in its attacksApple addresses a new zero-day exploited to deploy the NSO Pegasus
A bug in Microsoft Exchange Autodiscover feature leaks +372K of domain credentialsBulletProofLink, a large-scale phishing-as-a-service active since 2018Crystal Valley hit by ransomware attack, it is the second farming cooperative shut down in a weekCVE-2021-40847 flaw in Netgear SOHO routers could allow remote code executionUS CISA, FBI, and NSA warn an escalation of Conti ransomware attacksHikvision cameras could be remotely hacked due to critical flawFlaws in Nagios Network Management systems pose risk to companiesVMware addressed a critical flaw in vCenter Server. Patch it now!A zero-day flaw allows to run arbitrary commands on macOS systemsTurla APT group used a new backdoor in attacks against Afghanistan, Germany and the US
Apache OpenOffice is currently impacted by a remote code execution flawBlack Matter gang demanded a $5.9M ransom to NEW CooperativeData of 106 million visitors to Thailand leaked onlineLarge phishing campaign targets EMEA and APAC governmentsEuropol arrested 106 fraudsters, members of a major crime ringPakistani man sentenced to 12 years of prison for his role in AT&T hacking schemeNumando, a new banking Trojan that abuses YouTube for remote configurationWhy Edward Snowden is urging users to stop using ExpressVPN?
(SecurityAffairs – hacking, newsletter)