Security Affairs newsletter Round 231

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.

Once again thank you!

Experts found Joker Spyware in 24 apps in the Google Play store
Toyota Boshoku Corporation lost over $37 Million
following BEC attack

University, Professional Certification or Direct

WordPress 5.2.3 fixes multiple issues, including
some severe XSS flaws

Belarusian authorities seized XakFor, one of the
largest Russian-speaking hacker sites

China-linked APT3 was able to modify stolen NSA

Stealth Falcon New Malware Uses Windows BITS Service
to Stealthy Exfiltrate Data

Stealth Falcons undocumented backdoor uses Windows
BITS to exfiltrate data

Symantec uncovered the link between China-Linked
Thrip and Billbug groups

Privacy Fails Again

Wikipedia suffered intermittent outages as a result
of a malicious attack

DoS attack the caused disruption at US power utility
exploited a known flaw

Million of Telestar Digital GmbH IoT radio devices
can be remotely hacked

Police dismantled Europes second-largest counterfeit
currency network on the dark web

Robert Downey Jrs Instagram account has been hacked

Adobe September 2019 Patch Tuesday updates fix 2
code execution flaws in Flash Player

Dissecting the 10k Lines of the new TrickBot Dropper

Microsoft Patch Tuesday updates for September 2019
fix 2 privilege escalation flaws exploited in attacks

NetCAT attack allows hackers to steal sensitive data
from Intel CPUs

Some models of Comba and D-Link WiFi routers leak
admin credentials

The Wolcott school district suffered a second
ransomware attack in 4 months

Iran-linked group Cobalt Dickens hit over 60
universities worldwide

LokiBot info stealer involved in a targeted attack
on a US Company

SAP September 2019 Security Patch Day addresses four
Security Notes rated as Hot News

SimJacker attack allows hacking any phone with just
an SMS

Poland to establish Cyberspace Defence Force by 2024

The US Treasury placed sanctions on North Korea
linked APT Groups

WatchBog cryptomining botnet now uses Pastebin for

Expert disclosed passcode bypass bug in iOS 13 a
week before its release

Hackers stole payment data from Garmin South Africa
shopping portal

InnfiRAT Trojan steals funds from Bitcoin and
Litecoin wallets

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – Newsletter, hacking)

The post Security Affairs newsletter Round 231 appeared first on Security Affairs.