Security Affairs newsletter Round 227

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.

Once again thank you!

10-year-old vulnerability in Avaya VoIP Phones finally fixed
Boffins hacked Siemens Simatic S7, most secure
controllers in the industry

Gaining remote code execution using a tainted SQLite

FBI is searching for contractors to monitor social

Flaws in device drivers from 20 vendors allow
hackers to install a persistent backdoor

Infecting Canon EOS DSLR camera with ransomware over
the air

Watch out, your StockX account details may be
available in crime forums

Adobe Patch Tuesday for August 2019 fixed 119 flaws
in 8 products

Cerberus, a new banking Trojan available as
malware-as-a-service in the underground

Flaws in 4G Routers of various vendors put millions
of users at risk

Google hacker discloses 20-year-old Windows flaw
still unpatched

Recently Cloud Atlas used a new piece of polymorphic

Czech Republic ‘s committee blames foreign state for
Foreign Ministry Cyberattack

Flaws in HTTP/2 implementations expose servers to
DoS attacks

Microsoft Patch Tuesday for August 2019 patch 93
bugs, including 2 dangerous wormable issues

Security Patch Day for August includes the most
critical Note released by SAP in 2019

A flaw in Kaspersky Antivirus allowed tracking its
users online

Biometric data of 1M leaked via an unsecured Suprema
owned database

KNOB attack threatens over a billion
Bluetooth-enabled devices

Threat actors use a Backdoor and RAT combo to target
the Balkans

700,000 records belonging to Choice Hotels customer
leaked online. Crooks demanded ransom

European Central Bank (ECB) discloses data breach in
BIRD Newsletter

Hurry Up! Update your LibreOffice because 2 patches
have been bypassed

Mozilla addresses master password security bypass
flaw in Firefox

USBSamurai — A Remotely Controlled Malicious USB HID
Injecting Cable for less than 10$

Expert shows how to bypass a fix for a recently
discovered Steam flaw

New DanaBot banking Trojan campaign targets Germany

Trend Micro addressed two DLL Hijacking flaws in
Trend Micro Password Manager

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – newsletter)

The post Security Affairs newsletter Round 227 appeared first on Security Affairs.