Security Affairs newsletter Round 351

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

QNAP force-installs update against the recent wave of DeadBolt ransomware infectionsUS FCC bans China Unicom Americas telecom over national security risksNCSC warns UK entities of potential destructive cyberattacks from RussiaFinnish diplomats’ devices infected with Pegasus spywareZerodium offers $400,000 for Microsoft Outlook RCE zero-day exploitsDelta Electronics, a tech giants’ contractor, hit by Conti ransomwareExperts devise a technique to bypass Microsoft Outlook Security featurePuerto Rico was hit by a major cyberattackNorth Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks
Popular apps left biometric data, IDs of millions of users in danger
Microsoft mitigated a 3.47 Tbps DDoS attack, the largest one to dateLockbit ransomware gang claims to have hacked Ministry of Justice of FranceA new highly evasive technique used to deliver the AsyncRAT MalwareExperts analyze first LockBit ransomware for Linux and VMware ESXiApple fixed the first two zero-day vulnerabilities of 2022German intelligence agency warns of China-linked APT27 targeting commercial organizationsNew DeadBolt ransomware targets QNAP NAS devicesVMware urges customers to patch VMware Horizon servers against Log4j attacksPwnKit: Local Privilege Escalation bug affects major Linux distros
PrinterLogic fixes high severity flaws in Printer Management Suite
Segway e-store compromised in a Magecart attack to steal credit cardsUK NCSC is going to release Nmap scripts to find unpatched vulnerabilitiesSophisticated attackers used DazzleSpy macOS backdoor in watering hole attacksAttackers are actively targeting critical RCE bug in SonicWall Secure Mobile AccessLatest version of Android RAT BRATA wipes devices after stealing dataA flaw in Rust Programming language could allow to delete files and directoriesTens of AccessPress WordPress themes compromised as part of a supply chain attackRussian authorities arrested the kingpin of cybercrime Infraud OrganizationEmotet spam uses unconventional IP address formats to evade detection
Crooks tampering with QR Codes to steal victim money and info, FBI warns
F5 fixes 25 flaws in BIG-IP, BIG-IQ, and NGINX productsOpenSubtitles data breach impacted 7 million subscribersUS CISA added 17 flaws to its Known Exploited Vulnerabilities CatalogMolerats cyberespionage group uses public cloud services as attack infrastructure

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 351 appeared first on Security Affairs.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt