Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 160 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      Experts spotted spam campaigns delivering XTRAT and DUNIHI backdoors bundled with the Adwind […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      Experts spotted spam campaigns delivering XTRAT and DUNIHI backdoors bundled with the Adwind RAT
·      SunTrust unfaithful employee may have stolen data on 1.5 Million customers
·      Unscrupulous crooks behind the RansSIRIA Ransomware try to exploit attentions on Syrian refugee crisis
·      CVE-2018-0229 flaw in SAML implementation threatens Firepower, AnyConnect and ASA products
·      Google Project Zero hacker discloses a Zero-Day in Windows Lockdown Policy
·      Health Stream left exposed online a database containing contact data for roughly 10,000 medics
·      Orangeworm cyber espionage group target Healthcare organizations worldwide
·      Take These Steps to Secure Your WordPress Website Before Its Too Late
·      BeatCoin – Researchers demonstrate how to steal Cold Wallet Keys from Air-Gapped PCs
·      CSE Malware ZLab – Malware Analysis Report: The Bandios malware suite
·      Kasperskys analysis of servers compromised by Energetic Bear shows the APT operates on behalf of others
·      SAFERVPN CVE-2018-10308 VULNERABILITY, FROM DOS TO DEANONYMIZATION
·      Do Not Disturb app will protect your device from evil maid attacks
·      Expert devised a exploit for a Code Execution vulnerability in NVIDIA Tegra Chipsets
·      Police shut down the biggest DDoS-for-hire service (webstresser.org) and arrested its administrators
·      Portugal is the 21st country to join the NATO Cyber-Defence Centre
·      CVE-2018-7602 – Drupal addressed a new vulnerability associated with Drupalgeddon2 flaw
·      F-Secure experts devised a Master Key that unlocks millions of hotel rooms
·      Hacking the Amazon Alexa virtual assistant to spy on unaware users
·      Western Digital MY CLOUD EX2 storage devices leak files
·      Dutch Police shut down the Anon-IB revenge porn forum
·      Microsoft releases new software and microcode updates to address Spectre flaw (Variant 2).
·      Necurs Spam Botnet operators adopt a new technique to avoid detection
·      Rubella Macro Builder Crimeware Kit gains popularity on cybercrime underground
·      European and US police hit the Islamic State propaganda machine
·      Expert shows how to trigger blue-screen-of-death on Windows by triggering NTFS flaw
·      How to use weaponized PDF documents to steal Windows credentials

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]