Security Affairs newsletter Round 330

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

SEC warns of investment scams related to Hurricane IdaApple will delay the rollout of new child pornography protection toolsFIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloadsSource code for the Babuk is available on a hacking forumUSCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flawConti ransomware gang targets Microsoft Exchange servers with ProxyShell exploitsPRIVATELOG, a new malware that leverages Common Log File System (CLFS) to avoid detectionFBI warns of ransomware attacks targeting the food and agriculture sectorAttacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigationWhatsApp CVE-2020-1910 bug could have led to user data exposureNew BrakTooth flaws potentially impact millions of Bluetooth-enabled devicesAttackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCECyber Defense Magazine – September 2021 has arrived. Enjoy it!Cisco fixes a critical flaw in Enterprise NFVIS for which PoC exploit existsGoogle paid over $130K in bounty rewards for the issues addressed with the release of Chrome 93Mozi infections will slightly decrease but it will stay alive for some time to comeQNAP will patche OpenSSL flaws in its NAS devicesSEC announces sanctions against entities over email account hackingWatch out, ransomware attack risk increases on holidays and weekends, FBI and CISALockBit ransomware operators leak 200GB of data belonging to Bangkok AirwaysLockFile Ransomware uses a new intermittent encryption techniqueThreat actors can remotely disable Fortress S03 Wi-Fi Home Security SystemHPE wars customers of Sudo flaw in Aruba AirWave Management PlatformThreat actors stole $29 million worth of crypto assets from Cream FinanceMicrosoft Exchange ProxyToken flaw can allow attackers to read your emailsUS DoJ announces the creation of Cyber Fellowship ProgramISRAELI FIRM ‘BRIGHT DATA’ (LUMINATI NETWORKS) ENABLED THE ATTACKS AGAINST KARAPATANCISA urges enterprises to fix Microsoft Azure Cosmos DB flawBoston Public Library discloses cyberattackNew variant of Konni RAT used in a campaign that targeted Russia1 GB of data belonging to Puma available on MarketoDDoS attacks target the Philippine human rights alliance KarapatanSome Synology products impacted by recently disclosed OpenSSL flaws

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

If you want to also receive for free the international press subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

If you want to also receive for free the international press subscribe here.

Follow me on Twitter: @securityaffairs and Facebook
The post Security Affairs newsletter Round 330 appeared first on Security Affairs.