Security Affairs newsletter Round 237

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog.

Fake UpdraftPlus WordPress Plugins used to backdoor sites
TA505 cybercrime group use SDBbot RAT in recent

US Army stopped using floppy disks as storage for
SACCS system that manages nuclear weapons arsenal

Avast internal network breached for the second time
by sophisticated hackers

Czech Police and Intelligence agency dismantled
Russian Spy ring on its soil

Hackers stole card details from BriansClub carding

UK/US investigation revealed that Russian Turla APT
masqueraded as Iranian hackers

Winnti APT group uses skip-2.0 malware to control
Microsoft SQL Servers

Autoclerk travel reservations platform data leak
also impacts US Government and military

German firm Pilz still down a week after getting
infected with ransomware

NordVPN, TorGuard, and VikingVPN VPN providers
disclose security breaches

Trend Micro Anti-Threat Toolkit could be used to run
malware on Win PCs

Experts believe the Magecart Group 5 could be linked
to the Carbanak APT

Experts found DLL Hijacking issues in Avast, AVG,
and Avira solutions

Exploring the CPDoS attack on CDNs: Cache Poisoned
Denial of Service

Robots at HIS Group are vulnerable to hack

FBI and DHS CISA issue alerts on e-skimming attacks

Swedish Government grants police the use of spyware
against violent crime suspects

Texas man sentenced to 145 months in federal prison
for hacking Los Angeles Superior Court

DDoS Attack on Amazon Web Services caused
intermittently outage

Experts attribute NukeSped RAT to North Korea-Linked

Google addresses High-Severity sandbox escape issues
in Chrome

Ransomware attack hit the City of Johannesburg

Spear-phishing attacks target United Nations and

Tortuga Crisis: Moonwalk, one of the biggest pirate
CDNs eliminated dragging other big CDN-providers down

CVE-2019-11043 exposes Web servers using nginx and
PHP-FPM to hack

P&G online beauty store First Aid Beauty hit by
Magecart attack

Unsecured ElasticSearch DB exposed data for 7.5M
Adobe Creative Cloud Users

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – newsletter, hacking)

The post Security Affairs newsletter Round 237 appeared first on Security Affairs.