Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 138 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! ·      A second variant of the new Cryptomix Ransomware released in a few days ·      Cash Converters suffered a data breach, users of the old webshop are at risk ·      De-authentication attack on […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Once again thank you!

·      A second variant of the new Cryptomix Ransomware released in a few days
·      Cash Converters suffered a data breach, users of the old webshop are at risk
·      De-authentication attack on Amazon Key could let crooks to disable your camera
·      Security Affairs newsletter Round 137 – News of the week
·      A bug in the Android MediaProjection service lets hackers to record audio and screen activity on 77% of all devices
·      According to UIDAI, more than 200 government websites made Aadhaar users details public
·      Experts observed a new wave of wp-vcd malware attacks targeting WordPress sites
·      Global Cyber Alliance launched the Quad9 DNS service to secure your online experience
·      The controversial certificate authority StartCom will go out of business on January 1, 2018
·      2017 OWASP Top 10 Final Release is out, whats new?
·      A massive cyber attack hit the Algerian state telecom operator Algerie Telecom
·      BankBot Trojan bypasses again security checks implemented by Google for the Play Store
·      Using Unsecured IoT Devices, DDoS Attacks Doubled in the First Half of 2017
·      Windows 8 and newer versions fail to properly implement ASLR
·      Experts found a way to exploit HP Enterprise printers to hack into company networks
·      Lazarus APT uses an Android app to target Samsun users in the South Korea
·      Lazarus APT uses an Android app to target Samsung users in the South Korea
·      ProtonMail Contacts – ProtonMail launches worlds first encrypted contacts manager
·      U.S. charges Iranian state-sponsored hacker over ‘Game of Thrones HBO hack
·      Unbelievable: Uber concealed data breach that exposed 57 Million records in 2016
·      Artificial Intelligence is Important for Cybersecurity, But Its Not Enough
·      Crooks set up a fake Symantec Blog to spread the macOS Proton malware
·      Google gathers Android users location data even when location services are disabled
·      Many vendors will release fixes for flaws in the Intel Management Engine
·      You need to patch your Samba installation as soon as possible
·      Advanced cyber attack hits Saudi Arabia to disrupt government computers
·      Double check if your Bitcoin/Ethereum wallet is exposed online, crooks are running massive Internet scans
·      Firefox will notify users who visit sites that suffered a data breach
·      Self-Replicating Malware exploits MS Office Built-In feature
·      A new version of the Scarab ransomware is now being distributed via the Necurs botnet
·      GOLDEN SAML attack technique forges authentication to cloud apps
·      Imgur was hacked in 2014, 1.7 million user accounts were compromised
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]