Security Affairs newsletter Round 232

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.

Once again thank you!

A bug in Instagram exposed user accounts and phone numbers
Delaler Leads, a car dealer marketing firm exposed
198 Million records online

Drone attacks hit two Saudi Arabia Aramco oil plants

A flaw in LastPass password manager leaks
credentials from previous site

Astaroth Trojan leverages Facebook and YouTube to
avoid detection

Data leak exposes sensitive data of all Ecuador

France and Germany will block Facebooks Libra

MobiHok RAT, a new Android malware based on old
SpyNote RAT

Tor Projects Bug Smash Fund raises $86K in August

Australia is confident that China was behind attack
on parliament, political parties

Backup files for Lion Air and parent airlines
exposed and exchanged on forums

Experts found 125 new flaws in SOHO routers and NAS
devices from multiple vendors

Experts warn of the exposure of thousands of Google
Calendars online

Fraudulent purchases of digitals certificates
through executive impersonation

Memory corruption flaw in AMD Radeon driver allows
VM escape

More than 737 million medical radiological images
found on open PACS servers

Skidmap Linux miner leverages kernel-mode rootkits
to evade detection

United States government files civil lawsuit against
Edward Snowden

At least 1,300 Harbor cloud registry installs open
to attack

Emotet is back, it spreads reusing stolen email

Smominru Botnet continues to rapidly spread

Commodity Malware Reborn: The AgentTesla Total Oil
themed Campaign

Crooks hacked other celebrity Instagram accounts to
push scams

Magecart attackers target mobile users of hotel
chain booking websites

Two selfie Android adware apps with 1.5M+ downloads
removed from Play Store

U.S. taxpayers hit by a phishing campaign delivering
the Amadey bot

5 Cybersecurity Trends in the Professional Services

Iran denies successful cyber attacks hit
infrastructures of its oil sector

MMD-0063-2019 – Summarize report of three years
MalwareMustDie research (Sept 2016-Sept 2019)

One of the hackers behind EtherDelta hack also
involved in TalkTalk hack

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – newsletter)

The post Security Affairs newsletter Round 232 appeared first on Security Affairs.