Security Affairs newsletter Round 354

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

CISA compiled a list of free cybersecurity tools and servicesWhite House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRUUpdraftPlus WordPress plugin update forced for million sitesGoogle Privacy Sandbox promises to protect user privacy onlineIran-linked TunnelVision APT is actively exploiting the Log4j vulnerabilityCVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package ManagerResearchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bugThreat actors leverage Microsoft Teams to spread malwareSpecially crafted emails could crash Cisco ESA devicesEuropean Data Protection Supervisor call for bans on surveillance spyware like Pegasus
New Kraken botnet is allowing operators to earn USD 3,000 every month
Nation-state actors hacked Red Cross exploiting a Zoho bugRussia-linked threat actors breached US cleared defense contractors (CDCs)Trickbot targets customers of 60 High-Profile companiesExperts disclose details of Apache Cassandra DB RCECISA added 9 new flaws to the Known Exploited Vulnerabilities Catalog, including Magento e Chrome bugsVMware fixes flaws demonstrated at Chinese Tianfu Cup hacking contestUkraine: Military defense agencies and banks hit by cyberattacksQNAP extends security Updates for some EOL devicesBlackCat gang claimed responsibility for Swissport ransomware attack
Google fixes a Chrome zero-day flaw actively exploited in attacks
Remote sex toys might spice up your love life – but crooks could also get a kick out of themSSU: Russia-linked actors are targeting Ukraine with ‘massive wave of hybrid warfare’BlackByte ransomware breached at least 3 US critical infrastructure organizationsEuropean Central Bank tells banks to step up defences against nation-state attacksCritical Magento zero-day flaw CVE-2022-24086 actively exploitedAlleged ransomware attack disrupted operations at Slovenia’s Pop TV stationOrganizations paid at least $602 million to ransomware gangs in 2021San Francisco 49ers NFL team discloses BlackByte ransomware attackAnalyzing Phishing attacks that use malicious PDFs

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 354 appeared first on Security Affairs.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt