Security Affairs newsletter Round 329

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

EskyFun data leak, over 1 million Android gamers impactedBoffins show PIN bypass attack Mastercard and Maestro contactless paymentsPhorpiex botnet shuts down and authors put source code for saleAtlassian released security patches to fix a critical flaw in ConfluenceAn RCE in Annke video surveillance product allows hacking the deviceChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure CustomersThe FBI issued a flash alert for Hive ransomware operationsVictims of Ragnarok ransomware can decrypt their files for freeB. Braun Infusomat pumps could be hacked to alter medication dosesCISA publishes malware analysis reports on samples targeting Pulse Secure devicesCisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switchesKaseya fixed two of the three Kaseya Unitrends zero-days found in JulyPersonal Data and docs of Swiss town Rolle available on the dark webVMware addressed 4 High-Severity flaws in vRealize OperationsF5 addressed a flaw in BIG-IP devices rated as critical severity under specific conditionsFIN8 group used a previously undetected Sardonic backdoor in a recent attackShinyHunters group claims to have data of 70M AT&T customersModified version of Android WhatsApp installs Triada TrojanSamsung could use a TV Block feature to disable any of its TVs worldwideCVE-2021-3711 in OpenSSL can allow to change an application’s behaviorNew zero-click exploit used to target Bahraini activists’ iPhones with NSO spywareFBI flash alert warns on OnePercent Group Ransomware attacksRealtek SDK flaws exploited to deliver Mirai bot variantCISA recommends immediately patch Exchange ProxyShell flawsT-Mobile data breach could be worse than initially thought, 54 million customers impacted Are you using a Sophos UTM appliance? Be sure it is up to date!LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCsMemorial Health System forced to cancel surgeries after ransomware attackGoogle discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoPFollow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

If you want to also receive for free the international press subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 329 appeared first on Security Affairs.