Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 208 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Ex-NSA contractor Harold Thomas Martin pleads guilty to federal charge of willful retention of national defense information Experts released the List of ~600 MAC addresses hit in ASUS hack […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

Ex-NSA contractor Harold Thomas Martin pleads guilty to federal charge of willful retention of national defense information
Experts released the List of ~600 MAC addresses hit in ASUS hack
Microsoft took control of 99 domains used by Iran-linked Phosphorus APT
Buca di Beppo, Planet Hollywood and other restaurants owned by Earl Enterprises hit by card breach
Investigator said Saudis hacked into Amazon CEO Jeff Bezos phone
New Linux/DDosMan threat emerged from an evolution of the older Elknot
VMware addressed vulnerabilities disclosed at Pwn2Own 2019
26k+ Kibana Instances exposed Elasticsearch databases online
Analyzing AZORult malware using NSA Ghidra suite
BREAKING: new update about DDoSer Linux/DDoSMan ELF malware based on Elknot
Closure JavaScript Library introduced XSS issue in Google Search and potentially other services
Computer systems in the City of Albany hit in Ransomware Attack
CVE-2019-0211 Apache flaw allows getting root access via script
Cyber Defense Magazine – April 2019 has arrived. Enjoy it!
Crooks use hidden directories of compromised HTTPS sites to deliver malware
Experts found 540 Million Facebook user records on unprotected Amazon S3 buckets
Georgia Tech security breach exposed up to 1.3 million individuals
Group-IB report: JS-sniffers infected 2440 websites around the world
OceanLotus APT group leverages a steganography-based loader to deliver backdoors
Advantech addressed code execution and DoS flaws in WebAccess software
Cisco fixes flaws RV320 and RV325 routers targeted in attacks
New XLoader variant leverage Twitter to hide C2 addresses
NSA releases the source code of the GHIDRA reverse engineering framework
The German chemicals giant Bayer hit by a cyber attack
Flaws in Pre-Installed security App on Xiaomi Phones open to hack them
Hackers can add, remove cancer and other illnesses from Computer Tomography scans
More than 2 million Apache HTTP servers still affected by CVE-2019-0211 flaw
Step By Step Office Dropper Dissection
Ursnif: The Latest Evolution of the Most Popular Banking Malware
Xwo Malware scans the Internet for Exposed Services, Default Passwords
DoS flaw in several MikroTik Routers exploited in attacks
FIN6 group starts using LockerGoga and Ryuk Ransomware
Magento Attacked Through Card Skimming Exploit
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]