A new round of the weekly newsletter arrived! The best news of the week with Security Affairs
Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.
Fake UpdraftPlus WordPress Plugins used to backdoor sites
TA505 cybercrime group use SDBbot RAT in recent
campaigns
US Army stopped using floppy disks as storage for
SACCS system that manages nuclear weapons arsenal
Avast internal network breached for the second time
by sophisticated hackers
Czech Police and Intelligence agency dismantled
Russian Spy ring on its soil
Hackers stole card details from BriansClub carding
site
UK/US investigation revealed that Russian Turla APT
masqueraded as Iranian hackers
Winnti APT group uses skip-2.0 malware to control
Microsoft SQL Servers
Autoclerk travel reservations platform data leak
also impacts US Government and military
German firm Pilz still down a week after getting
infected with ransomware
NordVPN, TorGuard, and VikingVPN VPN providers
disclose security breaches
Trend Micro Anti-Threat Toolkit could be used to run
malware on Win PCs
Experts believe the Magecart Group 5 could be linked
to the Carbanak APT
Experts found DLL Hijacking issues in Avast, AVG,
and Avira solutions
Exploring the CPDoS attack on CDNs: Cache Poisoned
Denial of Service
Robots at HIS Group are vulnerable to hack
FBI and DHS CISA issue alerts on e-skimming attacks
Swedish Government grants police the use of spyware
against violent crime suspects
Texas man sentenced to 145 months in federal prison
for hacking Los Angeles Superior Court
DDoS Attack on Amazon Web Services caused
intermittently outage
Experts attribute NukeSped RAT to North Korea-Linked
hackers
Google addresses High-Severity sandbox escape issues
in Chrome
Ransomware attack hit the City of Johannesburg
municipality
Spear-phishing attacks target United Nations and
NGOs
Tortuga Crisis: Moonwalk, one of the biggest pirate
CDNs eliminated dragging other big CDN-providers down
CVE-2019-11043 exposes Web servers using nginx and
PHP-FPM to hack
P&G online beauty store First Aid Beauty hit by
Magecart attack
Unsecured ElasticSearch DB exposed data for 7.5M
Adobe Creative Cloud Users
window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;
try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}
Pierluigi Paganini
(SecurityAffairs – newsletter, hacking)
The post Security Affairs newsletter Round 237 appeared first on Security Affairs.