Security Affairs newsletter Round 239

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Controversial law entered into effect in Russia this week

First Cyber Attack ‘Mass Exploiting BlueKeep RDP Flaw Spotted in the Wild

New Gafgyt botnet targets Gaming Servers

Everis and Spains radio network Cadena SER hit by ransomware

Exclusive – Analysis of the sample that hit the Kudankulam Nuclear Power Plant

GitLab plans to ban hires in China and Russia due to espionage concerns

Ocala City in Florida lost $742,000 following BEC attack

QSnatch malware already infected thousands of QNAP NAS devices

Two unpatched RCE flaws in rConfig software expose servers to hack

Anonymous and LulzSecITA hacked professional orders and telephone operator Lyca Mobile

‘Light commands attack: hacking Alexa, Siri, and other voice assistants via Laser Beam

Flaws in Able2Extract Professional tool allow hacking targeted machine with malicious image files

Mysterious DarkUniverse APT remained undetected for 8 years

Ransomware attack impacted government services in the territory of Nunavut, Canada

A flaw in the Libarchive library impacts major Linux distros

‘Camgirl sites expose millions of members and users

Brooklyn Hospital lost patient records after a ransomware infection

Facebook discloses a new leak that exposes group members data

Amazons Ring Video Doorbell could open the door of your home to hackers

Bug Hunters Earn $195,000 for Hacking TVs, Routers, Phones at Pwn2Own Tokyo 2019

Specially Crafted ZIP archives allow bypassing secure email gateways

Trend Micro rogue employee sold customer data to tech support scammers

Two former Twitter employees charged of spying on Users for Saudi Arabian Government

Capesand is a new Exploit Kit that appeared in the threat landscape

DNA-testing startup Veritas Genetics disclosed a security breach

Italian police shut down darkweb Berlusconi market and arrested admins

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Pwn2Own Tokyo 2019 -Day2: experts hacked Samsung Galaxy S10 and Xiaomi Mi9 phones and TP-Link AC1750 routers

Cisco Talos discovered multiple flaws in the LEADTOOLS toolkits

DHS CISA warns of Critical issues in Medtronic Medical equipment

The Platinum APT group adds the Titanium backdoor to its arsenal

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – newsletter)

The post Security Affairs newsletter Round 239 appeared first on Security Affairs.