Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

APT

Security Affairs newsletter Round 207 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Federal Emergency Management Agencys (FEMA) data leak exposes data of 2.3M survivors Malware Static Analysis Microsoft Defender APT now protects also macOS WordPress Social Warfare plugin zero-day exploited in […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

Federal Emergency Management Agencys (FEMA) data leak exposes data of 2.3M survivors
Malware Static Analysis
Microsoft Defender APT now protects also macOS
WordPress Social Warfare plugin zero-day exploited in attacks
Anubis II – malware and afterlife
Free Tools: spotting APTs through Malware streams
Hackers raised fake tornado alarms in two Texas towns
Operation ShadowHammer – Supply-Chain attack hit ASUS users
PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel
Telegram allows users to delete any sent/received message from both sides with no time limit
How to get back files encrypted by the Hacked Ransomware for free
iOS 12.2 update addresses some troubling vulnerabilities
Microsoft experts found high severity flaws in Huawei PCManager
The Ursnif Gangs keep Threatening Italy
Whitehat settings allow white hat hackers to Test Facebook mobile apps
A new AZORult C++ variant can establish RDP connections
Experts found 36 vulnerabilities in the LTE protocol
LUCKY ELEPHANT campaign targets South Asian governments
Norsk Hydro estimates losses between $35M – $41M in the first week after cyberattack
Operation SaboTor – Police arrested 61 vendors and buyers in the dark web
Android Trojan Gustuff capable of targeting more than 100 global banking apps, cryptocurrency and marketplace applications
ASUS fixes supply chain of Live Update tool hit in Operation ShadowHammer
Gustuff Android banking trojan targets 125+ banking, and 32 cryptocurrency apps
Lazarus APT continues to target cryptocurrency businesses with Mac malware
New Shodan Monitor service allows tracking Internet-Exposed devices
WinRAR CVE-2018-20250 flaw exploited in multiple campaigns
Commando VM – Using Windows for pen testing and red teaming
Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers
Magento fixed a critical Magento SQL Injection flaw
Malware researchers decrypted the Qrypter Payload
Millions of Toyota customer records exposed in data breach
Victims of attacks in the Philippines are filing lawsuit against company enabling them
Exodus, a government malware that infected innocent victims
Expert disclosed two Zero-Day flaws in Microsoft browsers
Initial fixes for Cisco RV320 and RV325 routers were incomplete
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]