Security Affairs
Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 180 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      Domestic Kitten – An Iranian surveillance operation […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      Domestic Kitten – An Iranian surveillance operation under the radar since 2016
·      The main source of infection on ICS systems was the internet in H1 2018
·      A growing number of iOS apps collect and sell location data
·      Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks
·      Fallout exploit kit appeared in the threat landscape in malvertising campaigns
·      GAO Report shed the lights on the failures behind the Equifax hack
·      Mirai and Gafgyt target Apache Struts and SonicWall to hit enterprises
·      Adobe Patch Tuesday for September 2018 fixes 10 flaws in Flash Player and ColdFusion
·      MageCart crime gang is behind the British Airways data breach
·      Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns
·      Trend Micro Apps removed from Mac App Store after being caught exfiltrating user data
·      Zerodium disclose exploit for NoScript bug in version 7 of Tor Browser
·      Cyber Defense Magazine – September 2018 has arrived. Enjoy it!
·      Microsoft Patch Tuesday updates for September 2018 also address recently disclosed Windows zero-day
·      Researchers show how to clone Tesla S Key Fobs in a few seconds
·      September 2018 Security Notes address a total of 14 flaws in SAP products
·      Cobalt crime gang is using again CobInt malware in attacks on former soviet states
·      Flaws in firmware expose almost any modern PC to Cold Boot Attacks
·      ICS CERT warns of several flaws Fuji Electric Fuji Electric V-Server
·      ICS CERT warns of several flaws in Fuji Electric V-Server
·      New PyLocky Ransomware stands out for anti-machine learning capability
·      Iran-Linked OilRig APT group targets high-ranking office in a Middle Eastern nation
·      Kelihos botmaster pleads guilty in U.S. District Court in Connecticut
·      Operator at kayo.moe found a 42M Record Credential Stuffing Data ready to use
·      China-linked APT10 group behind new attacks on the Japanese media sector
·      Dutch expelled two Russian spies over hack plan on Swiss lab working on Skripal case
·      Experts disclose a Webroot SecureAnywhere macOS Kernel Level bug found months ago
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]