Security Affairs newsletter Round 366 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Asian media company Nikkei suffered a ransomware attackRussia-linked Sandworm continues to conduct attacks against UkraineCisco fixes an IOS XR flaw actively exploited in the wildQNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devicesPwn2Own Vancouver 2022 D2The activity of the Linux XorDdos bot increased by 254% over the last six monthsConti ransomware is shutting down operations, what will happen now?Google OAuth client library flaw allowed to deploy of malicious payloadsPwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000China-linked Space Pirates APT targets the Russian aerospace industryCISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flawsVMware fixed a critical auth bypass issue in some of its productsMicrosoft warns of attacks targeting MSSQL servers using the tool sqlpsMicrosoft warns of the rise of cryware targeting hot walletsConti Ransomware gang threatens to overthrow the government of Costa RicaExperts spotted a new variant of UpdateAgent macOS malware dropper written in SwiftVenezuelan cardiologist accused of operating and selling Thanos ransomwareOver 200 Apps on Play Store were distributing Facestealer info-stealerCISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities CatalogA custom PowerShell RAT uses to target German users using Ukraine crisis as baitApple fixes the sixth zero-day since the beginning of 2022Experts show how to run malware on chips of a turned-off iPhoneUkrainian national sentenced to 4 years in prison for selling access to hacked serversEternity Project: You can pay $260 for a stealer and $490 for a ransomwareMay 08 – May 14 Ukraine – Russia the silent cyber conflictSecurity Affairs newsletter Round 365 by Pierluigi PaganiniUkraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APTSysrv-K, a new variant of the Sysrv botnet includes new exploitsPlease vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERSVote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 366 by Pierluigi Paganini appeared first on Security Affairs.