Security Affairs newsletter Round 255

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Facebook sues Namecheap to protect people from domain name fraud
Netgear fixes a critical RCE that could allow to
takeover Flagship Nighthawk routers

New Coronavirus-themed malspam campaign delivers
FormBook Malware

The City of Durham shut down its network after Ryuk
Ransomware attack

Australias privacy watchdog sues Facebook over
Cambridge Analytica scandal

Former CIA employee Joshua Schulte was convicted of
only minor charges

Nation-state actors are exploiting CVE-2020-0688
Microsoft Exchange server flaw

Revista Factum suffered week-long cyber attacks for
denouncing corruption by the president of El Salvador

Sodinokibi Ransomware operators threaten to leak
‘dirty financial data of a company

FBI arrested a Russian citizen suspected to be the
mastermind of Deer.io

Hackers use hackers spreading tainted hacking tools
in long-running campaign

Microsoft accidentally reveals Wormable Win SMBv3
CVE-2020-0796 Flaw

Microsoft disrupted US-Based Infrastructure of the
Necurs botnet

Microsoft warns of Human-Operated Ransomware as a
growing threat to businesses

Avast disables the JavaScript engine component due
to a severe issue

Bugs in Avast AntiTrack expose users to cyber
attacks

Microsofts Patch Tuesday updates for March 2020 fix
115 issues

Office network at the European Network of
Transmission System Operators for Electricity (ENTSO-E) breached

RCE in popular ThemeREX WordPress Plugin has been
actively exploited

Card data stole from the Volusion security breach
surfaces on the dark web

Crooks use weaponized coronavirus map to deliver
malware

Experts disclose tens of flaws in Zyxel Cloud CNM
SecuManager, includes dangerous backdoors

Hacking a network, using an ‘invisibility cloak – Is
it that simple?

Microsoft fixes CVE-2020-0796, the SMBv3 wormable
bug recently leaked

Talos found tens of dangerous flaws in WAGO
Controllers

Cookiethief, the Android malware that hijacks
Facebook accounts

European police arrested tens of members of two SIM
Hijacking Gangs

Flaws in the Popup Builder WordPress plugin expose
100K+ websites to hack

Russia-Linked Turla APT uses new malware in watering
hole attacks

State-sponsored hackers are launching
Coronavirus-themed attacks

VMware fixes a critical bug in Workstation, Fusion
that allows code execution on host From guest

A bug in Tor Browser allows execution of JavaScript
even in Safest security level

One of the major COVID-19 testing laboratories in
Czech hit by cyberattack

Slack bugs allowed take over victims accounts

Trump signed a bill to help small telecoms replace
Huawei equipment

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

ù
The post Security Affairs newsletter Round 255 appeared first on Security Affairs.