Security Affairs newsletter Round 341

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hoursStudy reveals top 200 most common passwordsThe newer cybercrime triad: TrickBot-Emotet-ContiTor Project calls to bring more than 200 obfs4 bridges online by DecemberCanadian teenager stole $36 Million in cryptocurrency via SIM SwappingCalifornia Pizza Kitchen discloses a data breachNorth Korea-linked TA406 cyberespionage group activity in 2021Conti ransomware operations made at least $25.5 million since July 2021Android banking Trojan BrazKing is back with significant evasion improvementsMicrosoft addresses a high-severity vulnerability in Azure ADAttackers deploy Linux backdoor on e-stores compromised with software skimmerZero-Day flaw in FatPipe products actively exploited, FBI warnsPhishing campaign targets Tiktok influencer accountsUS, UK and Australia warn of Iran-linked APTs exploiting Fortinet, Microsoft Exchange flawsNetgear fixes code execution flaw in many SOHO devicesCISA releases incident response plans for federal agenciesThe rise of millionaire zero-day exploit marketsIran-linked APT groups continue to evolveMandiant links Ghostwriter operations to BelarusGitHub addressed two major vulnerabilities in the NPM package managerAdult cam site StripChat exposes the data of millions of users and cam modelsIntel addresses 2 high-severity issues in BIOS firmware of several processorsSharkBot, a new Android Trojan targets banks in EuropeOperation Reacharound – Emotet malware is backCloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to dateNorth Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA ProMicrosoft rolled out emergency updates to fix Windows Server auth failuresHappy 10th Birthday, Security AffairsQAKBOT Trojan returns using Squirrelwaffle as a dropperTwo Sony PS5 exploits disclosed the same dayENISA – The need for Incident Response Capabilities in the health sectorUpdated: Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email serverFTC shares guidance for small businesses to prevent ransomware attacksThreat Report Portugal: Q3 2021

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 341 appeared first on Security Affairs.