Security Affairs newsletter Round 235

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.

Hacker is auctioning a database containing details of 92 million Brazilians
Iran-linked Phosphorus group hit a 2020 presidential

UK NCSC agency warns of APTs exploiting Enterprise
VPN vulnerabilities

D-Link router models affected by remote code
execution issue that will not be fixed

Data from Sephora and StreetEasy data breaches added

PoS malware infections impacted four restaurant
chains in the U.S.

US will help Baltic states to secure baltic energy

Developer hacked back Muhstik ransomware crew and
released keys

Experts found a link between a Magecart group and
Cobalt Group

Hackers continue to exploit the Drupalgeddon2 flaw
in attacks in the wild

MS October 2019 Patch Tuesday updates address 59

Users reported problems with patches for
CVE-2019-1367 IE zero-day

Hackers compromised Volusion infrastructure to
siphon card details from thousands of sites

Multiple APT groups are exploiting VPN vulnerabilities,
NSA warns

Researchers discovered a code execution flaw in NSA

Twitter inadvertently used Phone Numbers collected
for security for Ads

vBulletin addresses three new high-severity

Amnesty claims that 2 Morocco rights advocates were
targeted by NSO Group spyware

Attor malware was developed by one of the most
sophisticated espionage groups

iTunes Zero-Day flaw exploited by the gang behind
BitPaymer ransomware

Ops, popular iTerm2 macOS Terminal App is affected
by a critical RCE since 2012

SAP October 2019 Security Patch Day fixes 2 critical

Tor Project is going to remove End-Of-Life relays
from the network

Hacker breached escort forums in Italy and the
Netherlands and is selling user data

Researchers released a free decryptor for the Nemty

Sophos fixed a critical vulnerability in Cyberoam

Tens of million PCs potentially impacted by a flaw
in HP Touchpoint Analytics

Top cybersecurity certifications to consider for
your IT career

FIN7 Hackers group is back with a new loader and a
new RAT

Leafly Cannabis information platform suffered a data

SIM cards used in 29 countries are vulnerable to
Simjacker attack

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – newsletter)

The post Security Affairs newsletter Round 235 appeared first on Security Affairs.