Your hacker Blog

Security Affairs newsletter Round 386

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities CatalogGuacamaya hacktivists stole sensitive data from Mexico and Latin American countriesLuxury hotel chain Shangri-La suffered a security breachWitchetty APT used steganography in attacks against Middle East entitiesUS DoD announced the results of the Hack US bug bounty challengeMicrosoft confirms Exchange zero-day flaws actively exploited in the wildUnpatched Microsoft Exchange Zero-Day actively exploited in the wildExperts uncovered novel Malware persistence within VMware ESXi HypervisorsHacker groups support protestors in Iran using Telegram, Signal and DarkwebA cracked copy of Brute Ratel post-exploitation tool leaked on hacking forumsGo-based Chaos malware is rapidly growing targeting Windows, Linux and moreThreat actors use Quantum Builder to deliver Agent Tesla malwareONLINE DISINFORMATION: Under the hood of a DoppelgängerAPT28 relies on PowerPoint Mouseover to deliver Graphite malwareBl00dy ransomware gang started using leaked LockBit 3.0 builder in attacksNUVOLA: the new Cloud Security toolMeta dismantled the largest Russian network since the war in Ukraine beganNorth Korea-linked Lazarus continues to target job seekers with macOS malwareDefense firm Elbit Systems of America discloses data breachWhatsApp fixed critical and high severy vulnerabilitiesErbium info-stealing malware, a new option in the threat landscapeMandiant identifies 3 hacktivist groups working in support of RussiaRussia prepares massive cyberattacks on the critical infrastructure of Ukraine and its alliesChina-linked TA413 group targets Tibetan entities with new backdoorMetador, a never-before-seen APT targeted ISPs and telco for about 2 yearsExmatter exfiltration tool used to implement new extortion tacticsAttackers impersonate CircleCI platform to compromise GitHub accountsOpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 386 appeared first on Security Affairs.