Security Affairs newsletter Round 236

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.

A new Mac malware dubbed Tarmac has been distributed via malvertising campaigns
Alabama Hospital chain paid ransom to resume
operations after ransomware attack

Charming Kitten Campaign involved new impersonation

Imperva explains how hackers stole AWS API Key and
accessed to customer data

Is Emotet gang targeting companies with external

Privacy advocates criticize Apple for sharing some
users browsing data with Tencent

Talos experts found 11 flaws in Schneider Electric
Modicon Controllers

Click2Mail suffered a data breach that potentially impacts
200,000 registrants

Global Shipping and mailing services firm Pitney
Bowes hit by ransomware attack

sudo flaw allows any users to run commands as Root
on Linux

Winnti Group was planning a devastating supply-chain
attack against Asian manufacturer

Adobe out-of-band security updates address 82 flaws
in 3 products

Approaching the Reverse Engineering of a RFID/NFC
Vending Machine

Chinese-speaking cybercrime gang Rocke changes

Signature update for Symantec Endpoint protection
crashed many device

Critical and high-severity flaws addressed in Cisco
Aironet APs

Cryptocurrency miners infected more than 50% of the
European airport workstations

Graboid the first-ever Cryptojacking worm that targets
Docker Hub

International operation dismantled largest Dark Web
Child abuse site

M6 Group, largest France private multimedia group,
hit by ransomware attack

China-linked cyberspies Turbine PANDA targeted
aerospace firms for years

Pitney Bowes revealed that its systems were infected
with Ryuk Ransomware

Researcher released PoC exploit code for
CVE-2019-2215 Android zero-day flaw

Systems at Ingredients provider Ingredion infected
with a Malware

Trojanized Tor Browser targets shoppers of Darknet
black marketplaces

A critical Linux Wi-Fi bug could be exploited to fully
compromise systems

Emsisoft released a free decryption tool for the
STOP (Djvu) ransomware

Hundreds of millions of UC Browser Android Users
Exposed to MiTM Attacks. Again.

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – iCloud, zero-day)

The post Security Affairs newsletter Round 236 appeared first on Security Affairs.